OneKeePass / desktop

A secure password manager for macOS, Linux and Windows platforms
GNU General Public License v3.0

Praise and suggestions #18

Open LFd3v opened 10 months ago

LFd3v commented 10 months ago


Summary

Congratulations, and feature suggestions

Motivation

I have been using self-hosted Bitwarden for some time but, while the mobile app works fine, the desktop app is very heavy as it is basically the web app running on Electron, running slow on low end devices and using lots of resources.

Before, I was using MyKi, it worked very well, but it was not open source and the free version was discontinued.

I tried to use KeePass in the past, but the lack of a (user-friendly) app with support for all platforms (Linux, Android and iOS) was a big problem. Recently I was doing some tests on Android and I found OneKeePass, it was a great surprise: the apps look good on all platforms and the layout and features are very nice!

I will add my considerations below.

Considered Alternatives

  1. OTP: this is the main reason I cannot use OneKeePass right now. The simplest solution would be using an OTP field with the full URI, this is what is present in the QR codes used to add a new TOTP entry. At least one app that uses .kdbx supports this, while some others do the same as KeePassXC that separates the secret (seed) and the other settings in two separate fields. I would go for the full OTP URI, since one could use any QR code reader to read, copy and then paste the URIs if it is complicated to add one in the app;
  2. Required fields: many times a new entry will not be used to store all fields, and most apps do not make any of them a requirement, not even the title, and having to fill unused data many times can be quite annoying;
  3. Colored passwords: use different colors for lowercase, uppercase, numbers and symbols, also use a monospaced font, this makes reading complex passwords much easier;
  4. Generated passwords: do the above, and also save the last configuration and allow blocking characters (or at least add an option to remove ambiguous characters), and an option to create a passphrase using something like the "EFF words list" would be really nice;
  5. When caching the db info, probably also saving the key file location would be a good idea too, only the password would be required, this would make unlocking the db much faster while still safe (of course, if the db requires only the key file, then do not cache it);
  6. Using a PIN (desktop app) and biometrics (mobile apps) to unlock the app if it was in the background for a while would be a great security feature in my opinion;
  7. Dark theme: both desktop and mobile apps lack a dark theme;
  8. Option to clone an entry (create a new entry with the same content, just adding something to the title initially) would be nice too;
  9. Saving the app state (window size, position, last used grouping type, etc), probably is a good UX improvement too;
  10. Regarding db synchronization: It is very easy on all platforms to access the db over a local mounting point, this is what KeePassXC does. For example, I can access a NextCloud or pCloud folder mounted locally on Linux, Android and iOS. A simple sync solution would be using a local cache of the db, and then copy it to the original location when there are any local changes, but before saving just check if the original db was changed, present the changes (like total number of items, number of items added or removed, etc) and offer the options to replace or merge the changes;
  11. Entry icons: if the entry has a URL, then use its favicon for the entry icon (I am not sure, but I think KeePassXC saves the icons in the db, since other apps can display them as well);
  12. The desktop app uses webkit2gtk-4.0, and while it uses much less memory than Electron, it still uses more than 100MB for the rendering engine alone. I do not know if it is possible or not, but usually GTK3 apps use much less memory than the GTK4 version, if the GTK3 version of webkit is supported by Tauri, I think it will receive maintenance support for some time, maybe a OneKeePass version using GTK3 would require much less resources.

Anything else?

I could migrate to OneKeePass and use it as daily driver as soon as 1-4 were implemented. In my opinion, it would easily be the best multi-platform KeePass app, hands down.

Please feel free to ask for more info, and if this will help, I can create separate entries for each item above. I do not know much about Rust and I have never used Clojure, but maybe I can help with something else in the project...

Thanks for OneKeePass, congratulations for the app!

Regards
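
An added example, not part of the original issue and not OneKeePass code: item 1 above contrasts storing the full OTP URI with storing the secret and the other settings separately, and this sketch shows that one `otpauth://` URI carries both and is enough to compute the code (RFC 6238). The sample URI is constructed from the RFC test secret; the function names and dictionary keys are hypothetical.

```python
import base64, hashlib, hmac, struct
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample: RFC 6238 test secret "12345678901234567890" in Base32.
SAMPLE_URI = ("otpauth://totp/Example:alice@example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
              "&issuer=Example&algorithm=SHA1&digits=8&period=30")

def parse_otpauth(uri):
    """Split a TOTP otpauth:// URI into the secret and the other settings."""
    parts = urlsplit(uri)
    if parts.scheme != "otpauth" or parts.netloc.lower() != "totp":
        raise ValueError("not a TOTP otpauth URI")
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    if "secret" not in q:
        raise ValueError("missing secret")
    algorithm = q.get("algorithm", "SHA1").upper()
    digits, period = int(q.get("digits", "6")), int(q.get("period", "30"))
    if algorithm not in ("SHA1", "SHA256", "SHA512"):
        raise ValueError("unsupported algorithm")
    if digits not in (6, 7, 8) or period <= 0:
        raise ValueError("unsupported digits or period")
    return {
        "label": unquote(parts.path.lstrip("/")),
        "issuer": q.get("issuer"),
        # The secret is the sensitive part: keep it in a protected field.
        "secret": q["secret"].replace(" ", "").upper(),
        "algorithm": algorithm, "digits": digits, "period": period,
    }

def totp(cfg, now):
    """Compute the TOTP code for Unix time `now` from parsed settings."""
    padded = cfg["secret"] + "=" * (-len(cfg["secret"]) % 8)
    key = base64.b32decode(padded)
    counter = struct.pack(">Q", int(now) // cfg["period"])
    mac = hmac.new(key, counter, getattr(hashlib, cfg["algorithm"].lower())).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** cfg["digits"]).zfill(cfg["digits"])

if __name__ == "__main__":
    cfg = parse_otpauth(SAMPLE_URI)
    print(cfg["label"], totp(cfg, 59))
```
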

jeyasankar commented 10 months ago

Hi @LFd3v,

Thanks for taking a look at OneKeePass and for your detailed suggestions on various improvements.

I will certainly take these suggestions into consideration. Most probably I will be able to add features 1-4 in a few releases. I will keep adding other improvements in the later releases.