On 07/14/2014 01:36 PM, John Andersen wrote:
Agreed that as our hard-earned geezerhood approaches, the rising "number-of-things-to-remember" curve crosses the "available-internal-memory-slots" declining curve we will all need some password vault.
However, I've found I need these keys on the go, and prefer to put them in something that can run on my phone, tablet, laptop, and desktop, and have all of them kept in sync.
JA I agree with the portability need, but unless it is open-souce, there IS NO WAY IN HELL I'm trusting my credentials to any package I can't verify isn't copying it somewhere else :-) That has always been the rub. Think about all those duplicitous apps out there designed to steal your personal information. Chromium, and just about every other app that touches your information collects it and phones-home for "Big Data" mining. With the risk of identity theft at an all time high, no way am I trusting anything from apple or google (or 3rd parties that write for their stores) with my data. That is where keepassx has always had the advantage. Open-source, and in simpler times, it provided the solution by a datafile that was transferable between windows and linux (that was a big deal 10 years ago). It also made a portable version for usb. I haven't had the time to keep up on all the developments, but keepassx was always the stepchild of 'keepass' which has continued heavy development and does have a mobile version floating around, but licensing gets mucked up when offered through apple or google. I'm glad to see 2.0alpha under development, but do not have the time or desire to spend 1/2 day kicking the tires to enable a comfortable move to it from 0.4.3. Moreover, what to do about Linux/Windows portability of the new .kdbx format. Can it be transferred to the windows boxes at the office, and can the office pw file be read by whoever orders the next round of supplies? That is why there is "stable/current release" software and then a classification called "Alpha" software (for testing and development, but NOT for mainstream use). Distros should not release "Alpha" software in place of "stable" software for just these reasons. There are real world costs involved with with this that, to a large degree, prevents Linux from ever being considered for business use. I digress. I always keep a lookout for a clean keepass or keepassx to hit the mobile shops, but so far, I just haven't found one that is trustworthy enough to try with real data. The thought of entering test data and then having to capture all traffic from the device for at least 30 days to insure it wasn't phoning-home just isn't practical for me. -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org