password-manager-resources
GmsCore
password-manager-resources | GmsCore | |
---|---|---|
19 | 432 | |
4,025 | 7,077 | |
0.4% | 6.3% | |
7.6 | 9.5 | |
5 days ago | 2 days ago | |
JavaScript | Java | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
password-manager-resources
-
Don't Fuck with Paste
Even Apple was so annoyed at this themselves that they actually went for a full open-source open-for-contributions GitHub repository at https://github.com/apple/password-manager-resources to get around these issues.
> Many password managers generate strong, unique passwords for people so that they aren't tempted to create their passwords by hand, which leads to easily guessed and reused passwords. Every time a password manager generates a password that isn't compatible with a website, a person not only has a bad experience but a reason to be tempted to create their password. Compiling password rule quirks helps fewer people run into issues like these while also documenting that a service's password policy is too restrictive for people using password managers, which may incentivize the services to change.
-
Ask HN: Where's the website that shows password requirements for other sites?
Check out https://github.com/apple/password-manager-resources
-
Suggestion: Collect every website possible info about how long could be a password on that site and suggest the longest possible password for it
Apple has already created the database for this and made it open source: https://github.com/apple/password-manager-resources
- I’m really sick of keychain password suggestion NOT WORKING on more than half the internet. WHY!!
-
I hate password rules!
Something like this?
-
what is the most practical password length?
Password rules are really all over the place. Based on the sampling available on Apple's password rules database, seems that the majority of sites would accept a 12-character password (although ironically, most websites that restrict the password to be shorter than 12 characters seem to be banks...).
-
Easily move all your passwords from Bitwarden to iCloud Keychain
There are still some things in Keychain that feel stupid. For example, Keychain won't merge https://www.google.co.uk and https://www.google.com accounts into one and you can't do it by yourself, and it will even warn about duplicated passwords for these two websites — that's very stupid especially because Apple maintains open database for password managers which solves the problem of alias domains. But that's the most annoying thing for me.
-
YouTubePluginReplacement.cpp: YouTube-specific code in WebKit
https://github.com/apple/password-manager-resources/blob/mai...
For being "quite obscure", I've at least heard of most of these sites before. Banks with "maxlength: 8", you love to see it.
-
Why does Apple’s “Strong Password” not meet most websites’ criteria
FWIW, Apple asks users to tell them the password requirements to websites they notice the "Strong Password" feature doesn't work correctly.
-
How to use iCloud Keychain, Apple's built-in and free password manager
The password complexity rule set is open source, you can contribute requirements for specific sites: https://github.com/apple/password-manager-resources
GmsCore
-
Apple Introduces M4 Chip
I, an engineer, am not doing this myself, too. There is a middle ground though: just use a privacy-oriented Android build, like DivestOS. [1]
There are a couple caveats:
1. It is still a bit tricky for a non-technical person to install. Should not be a problem if they know somebody who can help, though. There's been some progress making the process more user friendly recently (e.g. WebUSB-based GrapheneOS installer).
2. There are some papercuts if you don't install Google services on your phone. microG [2] helps with most but some still remain. My main concern with this setup is that I can't use Google Pay this way, but having to bring my card with me every time seems like an acceptable trade off to me.
[1]: https://divestos.org/
[2]: https://microg.org/
-
Google Fit APIs get shut down in 2025, might break fitness devices
I have been running de-googled LineageOS since before it renamed/reformed from CyanogenMod, so since somewhere around 2013/14. That has looked rather different depending on what exactly I need from my phone but I'll share what my current set up looks like.
First, I have don't use any kind of Google/Samsung/Apple Pay wallets so if you do, this may not be helpful; I've never looked into trying to get any of those working. Also, by "de-googled" I mean that I don't have GApps installed on my phone. I do have microG[0] installed as a Magisk[1]/LSPosed[2] module; this allows a few apps to believe I have GApps while most apps do not see/have access. I do not turn on microG for any apps (i.e. no connection to the Google servers/services via microG).
Most of my apps come from F-Droid[3], a few from Aurora Store[4] (a 3rd-part frontend for the Play Store that does not require either an account or GApps installed), a very few from FFupdater[5], and have played with using Obtanium[6] but currently only have one (weather) app updating via it. I have several different repositories configured in F-Droid but I don't generally keep mental track of which repository I am dependent on for which apps; the default, IzzyOnDroid[7], Bitwarden[8], NewPipe[9], microG[10], and Collabora[11] are some of them.
I have two banking apps installed via Aurora Store, one of which requires microG and root-hiding (via Magisk module) while the other doesn't require either. My browsers (Firefox, Firefox Klar, Brave) come from FFupdater and none require microG. My texting (QUIK SMS), email (K-9 Mail), TOTP authenticator (Aegis), password manager (Bitwarden), GPS/Maps (OsmAnd), file syncing (Nextcloud), notes (Nextcloud Notes), HN reader (HN), and Contacts/Calendar sync (DAVx5, ICSx5) apps all come via F-Droid (either the main repo or others). I have many others apps which come from F-Droid or Aurora Store but the above are my most used.
For file, calendar, notes, photo, & contact syncing, I have a Nextcloud server set up and find it to work quite well; the Nextcloud apps are also quite good. Someone who doesn't want to run their own could use a hosted account[12]. Contacts & calendars are synced to Nextcloud via DAVx5 & ICSx5.
The primary challenges I am aware of at this point are hardware (it is increasingly difficult to install LineageOS on most hardware due to bootloader locks), and navigation (OpenStreetMap data usually doesn't include addresses in the USA). For hardware, the solution is essentially just to properly research the phone you want to buy; I always make sure the model is well supported by LineageOS before purchasing and then tend to hang on to it for several years. For navigation, I usually find the address on my desktop or mobile browser (via DuckDuckGo) and then manually input the location into OsmAnd before the trip but I also keep WeGo Here maps installed in case I don't have time for that (it usually takes <2 minutes and rarely more than 5 to manually find & enter the address). Additionally, getting the one banking app to work without GApps was a pain in the butt initially (requiring testing several Magisk & LSPosed modules), but now it just works and I don't really think about it.
Overall, I don't find my version of de-googled to be a detriment; my phone is useful and I have more control over my data and over annoyances (such as unnecessary notifications) than I would otherwise.
[0] https://microg.org
-
LineageOS is currently installed on 1.5M Android devices
Is anyone here daily-driving microg and can share their experiences? https://github.com/microg/GmsCore/wiki/Implementation-Status does not exactly inspire confidence.
-
Google Update Reveals AI Will Read All Your Private Messages
...will need to be rewritten to avoid Google Play Services.
Not true.
All that needs to happen is for open source developers to "re-implement Google’s proprietary Android user space apps and libraries".
https://microg.org/
-
A closer look at e/OS: Murena's privacy-first 'deGoogled' Android alternative
microG itself connects directly to Google: https://github.com/microg/GmsCore/wiki/Google-Network-Connec...
No shit, of course they do.
>In general, we obviously try to minimize the connections to Google, but some services strictly rely on them and would just not work without.
What exactly do you think they should do instead?
-
I need a help
MicroG
-
Plans to update to 0.3 in microg's lineage builds?
In release notes for GmsCore v0.2.29.233013 (https://github.com/microg/GmsCore/releases/tag/v0.2.29.233013), I also see:
-
[Help] Is there a module I can install that enables push notifications on a device without google services?
Yes, the Xposed module is one way. There are also other ways
- Firefox for Android is adding support for 400 add-ons
-
Which MicroG fork and version should I use?
Which one should I use? Is this MicroG's official website right? (https://microg.org/)
What are some alternatives?
security.txt
MinMicroG - Sources and scripts for MinMicroG installers. You shall find no prebuilt releases here.
foundationdb - FoundationDB - the open source, distributed, transactional key-value store
FakeGApps - A better approach for microg
winget-pkgs - The Microsoft community Windows Package Manager manifest repository
openauto - AndroidAuto headunit emulator
hummingbird - Hummingbird compiles trained ML models into tensor computation for faster inference.
UnifiedNlp - Alternative network location provider for Android, with plugin interface to easily integrate third-party location providers.
coremltools - Core ML tools contain supporting tools for Core ML model conversion, editing, and validation.
opengapps - The main repository of the Open GApps Project
securitytxt.org - Static website for security.txt.
anbox - Anbox is a container-based approach to boot a full Android system on a regular GNU/Linux system