Open enboig opened 6 years ago
Hi, At the moment passman doesn't support offline storage. Maybe we add offline support in the future, but for now we need to focus on other things first.
Ok, just keep it in mind; maybe if there is a change in database there can be added a field to mark password as "available offline", and enabling an option to extension to "request all passwords" and enabling a cache for extension to "store passwords encrypted with master password".
Thanks
What if something on server side changed because you edited it via the webextension ;)?
offline mode should be read-only; maybe just allow "insert new password", but I think it would be dangerous because somebody may think password is saved online while it isn't, I think it is safer to keep it read-only. And sometimes having an old/deprecated password is way better than having none at all.
i suggest to save critical like router password on a piece of paper that is securly hidden, because this will create a much larger attack surface.
Sometimes I am connected to Wifis with restricted access. There would be those offline storage awesome. You can protect the passwords with a key, and the "much lager attack surface" is gone. Other browser do it on the same way.
This feature is really a must for Android version. I cannot use PassMan because it is not available offline.
I also prefer an offline mode for the mobile-apps. Because for me there are some usecases (especially at work) where i don't have access to the internet nor can add passman to my browser.
Other usecases are "offline": like PINs for a door or the Bank automat. On all this places for sure I have - especially in urgent cases - no Internet access
For me it is also a no-go to depend on the network-connection to view my passwords. If the network or server is down for some reason, I don't have my passwords. Where do I store my passphrase to decrypt the disk of my nextcloud-server after a reboot? :D It's like with emails. I want to have them on multiple devices, but I want them available offline on each device. The nextcloud-android app can sync files for offline use and I suppose the desktop sync-client can do the same. IMHO it's essential. In any case, thanks for the good work!
This is a super important feature, imho. I wouldn't even call it a feature, it's one of the essential functions of a password manager. If you edit the password locally and online, just (interactively) dismiss the earlier version and keep the latest one.
Having the passwords available offline is crucial in the following cases:
These cases don't occur rarely enough to ignore them - they are an important consideration when choosing a password manager. I hope this can be solved, because not only do I need it, but I also can't keep recommending Passman as long as it lacks that feature (not as long as I'm also the system administrator of the Nextcloud instance. :P).
If you have any idea for the best way of implementing this, or need help doing it, I'd also be up for contributions. I love Passman, but I can only have peace of mind using it, when the availability of the web service is not a condition for the access to my passwords (and those of my clients).
Hi,
I totally agree with the others ! It is an important (critical ?) feature to add to passman (which is already awesome ;) )
+1. I have tried and tested passman. It's awesome, but lack of offline support is a no-go for me. I like the architecture of something like keepass better, where it uses the underlying storage engine for replication of it's db (being nextcloud in my case). Please put this feature on the top of the list, because I think it's a blocker for many people.
Highly secure sites forbid Internet access and require secure passwords (like prisons). They have many systems that frequently break (because of under qualified "technicians" riding on healthy service agreements) that are usually reactive instead of being diligent about replacing things like failed drives in a storage array. Bringing a list of all possible passwords you may need into a prison site is not an option. Getting special permission to bring in a smartphone with offline mode to pull passwords from is. Once inside a prison, the concrete walls, lack of cellular service and Internet access is a common issue and concern.
+1 Also as a use case. You use nextcloud at home often. Please think of people who have frequent power outages.
+1 Use Case: IT consultant in different companies with no Wifi access (or pw for it in pw db) and locations with bad mobile reception. THis and folder share are must haves for serious pro usage.
+1 Use Case: IT consultant in different companies with no Wifi access (or pw for it in pw db) and locations with bad mobile reception. THis and folder share are must haves for serious pro usage.
At this point, I would give up and look into VaultWarden (Self hosted Bitwarden). I run it on the same hardware as Nextcloud via docker and it has everything you're asking for.
Sadly you might be right. I was hoping for an enry-"killerapp" to establish nextcloud at my workplace.
Using VaultWarden is a very good alternative. For (read only) offline access I'm using the Passman Android app.
Thank you. I will build a test setup with it.
Sometimes my internet is down and I need access to the router (user:pass) to reboot it. Is there a way to use passwords offline? I mean using some sort of "browser extension cache".
This is my main reason to be stuck with keepass (hosted on nextcloud) right now.
Thanks