Is there an open source no-AI password manager out there?
Trying to bail on BitWarden… KeePassXC (with SyncThing) seems to come up as the most recommended, but they’ve been using copilot. Seems like they might still have the strongest anti-ai stance of the available options though, despite that.
#PasswordManager #NOAI @fuck_ai
Then just the the normal/official KeePass client. Old as hell but probably therefore also AI free.
@30p87 oh duh, how’d I miss that lol. Ty, this is perfect!
I like KeePassXC and SyncThing for my own use. I am not sure that I am ready to apply a no-llm purity test if a dev is using a model appropriately. If the code becomes obfuscated somehow, that would be another matter. In the longer term I hope FOSS devs do not come to rely on paid cloud models or favor code quantity over quality.
chipass is a strict no-ai fork of the last keypassxc version without ai code. it’s got a banner warning that’s it’s in dev and may likely cause corruption so make regular backups of your db, but i’ve been using it for a week or so with no issues so far.
as for android, i’m using keepass2android as it’s got a fancy cloud saving feature where i can keep the db saved in my nextcloud and easily sync the db on my desktop as well.
@nublug oooh, this needs to get added to the various no-ai lists out there
https://codeberg.org/small-hack/open-slopware
is what i use and is where i learned of chipass. notably they don’t mention keepass2android either way so i just lightly poked around its repo and didn’t see any sign of llm so went with it for now.
Been using keepassxc for well over a decade and syncing with nextcloud, but yes syncthing works too. Only once did my database go corrupt, but I have zfs snapshot and nextcloud has versioning too so it was no big deal.
@MxRemy @fuck_ai I use and love “pass”, a command line local password manager for linux. Instead of syncthing I use git to manage versioning and synchronization.
I know that’s a super limited use case, but there are GUIs and TUIs available for pass, and other manager tools may be built on top of it, I’m not sureI don’t know of any AI features in it but I could be wrong. I use Proton(after moving from 1PW to Bitwarden then to Proton): https://proton.me/blog/pass-open-source-security-audit
Does Proton’s pw manager have any missing features at the free tier compared to Bitwarden? For example Proton Calendar paywalls the ability to color code events. Not much, but just curious.
I’ve no firsthand knowledge on it(went from paid BW to free Proton) but did find this comparison of features that seems to show what’s added at each tier:
Battten down the hatches! Downvotes incoming!
Battten down the hatches! Downvotes incoming!
Battten down the hatches! Downvotes incoming!
Battten down the hatches! Downvotes incoming!
Keepass it’s simple and it has been audited.
keepass
Password safe is the one i use
keepassxc is fine… i’m aware they’re testing LLMs in the development process but last I checked it was sane enough and quite understandable
No AI, no database, no vault.
Self hosted (html only, zero dependency).
@vala whoaa what!! Lemme see if I understand this right… It’s less of a password manager and more of a deterministic password generator? As in, it’ll always spit out the same resulting password given the correct input passphrase + domain of the site being logged into? So you just essentially generate it again instead of ever storing it.
I’m so amazed and curious about this approach, what are the pros and cons? Obviously there’s still the risk of someone learning your passphrase, but there’s no hackable database of passwords. Do you get a different output from different variations of the same URL, like including a “/” at the end? What does saving the bookmark actually do, like pre-fill the URL field? Given that autofilling is supposed to be more secure than copy/pasting, is there some way to make this do that?
Sorry for the barrage but I’m very tempted by this one, it’s neat!
Yeah that’s more or less how it works. You generate it deterministically every time.
what are the pros and cons?
Not really sure of the cons aside from the fact that you get significant “vendor”/algo lock-in. You need the exact same algo this app uses to get your password back out (good thing it’s GPL).
Do you get a different output from different variations of the same URL, like including a “/”.
Yeah an extra slash at the end means a whole new password. The “name” is not really a “URL” per se. It can be any string.
So for example “lemmy.dbzer0.com”, “vala@lemmy.dbzer0.com”, and “lemmy.dbzer0.com 2” are valid site names and will give different passwords.
That being said I could see omitting some special trailing chars, protocol strings etc.
What does saving the bookmark actually do, like pre-fill the URL field?
Basically every parameter of the password generator is codified into the URL. So bookmarking a URL allows you to load a page with prefilled data like:
- Special chars
- Length
- Revision number
- Algorithm
- etc
These parameters are all required to be the same each time you need to generate the password. So it can help you avoid filling these forms each time + act as a reminder of what you used.
Given that autofilling is supposed to be more secure than copy/pasting, is there some way to make this do that?
It will auto-fill your master passphrase but if you mean auto-filling your credentials into sites, it would need to be made into a browser plugin to do that.
Does an “AI” password manager even exist? I’m pretty sure that’s a terrible idea.
Of course, text prediction machines would create low-entropy passwords, that would be awful.
They mean “coded with AI”.
Hmmm I’m using vaultwarden. Its a fork of bitwarden that is opensource. My problem with it is that you have to use the bitwarden app. But it is opensource and as the web corrected me last week when bitwarden’s CEO went Nazi, it is completely unrelated to bitwarden. Except that at least one of bitwarden’s engineers who is not a Nazi but works for one is allowed to work on vaultwarden by that Nazi CEO.
Maybe not a Nazi, but the new CEO is a private equity type that tend to enshitify things. So he started by removing the 'always free" and changing the company’s stance on supporting equality to nothing…so Nazi.
