🆕 Software Suggestion | Passit

fabianski7 commented 4 years ago

Basic Information

Name: Passit Category: Password Manager URL: https://passit.io GIT: https://gitlab.com/passit

Description

Passit is an open-source, cloud-based password manager. It was built by people who love digital privacy and good design, and weren't satisfied with existing options. In every decision we make, we strive to strike a good balance between features, ease-of-use, security, and privacy. Passit uses the modern and battle-tested libsodium cryptography package to encrypt data in such a way that even we can't access.

A version for android is available but not yet published in f-droid
Security informations https://gitlab.com/passit/passit/-/wikis/security http://passit.io/security-model.html
Active since 2016

Why I am making the suggestion

This is a very simple password manager that uses libsodium (already audited - 2017) for the encryption of keys and password hash. With extensions for Firefox and Chromium. Totally opensource, it can be self-hosted but also provides a free account with an option to share passwords with others.

My connection with the software

Only one user who loved the simplicity of this project xD

[x] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.

ph00lt0 commented 4 years ago

Libsodium is audited but I can't find any audit on Passit. I think this should be required before listing a password manager. Project looks promising.

fabianski7 commented 4 years ago

I think so, too. But there are already some listed password managers that haven't been audited yet.

lynn-stephenson commented 3 years ago

Libsodium is audited but I can't find any audit on Passit. I think this should be required before listing a password manager. Project looks promising.

KeePass has undergone an audit, but not the popular KeePassXC, or mobile clients as far as I'm aware. While audits are important, it's also worth noting that it costs time and effort to do so, and if we had to audit every application before considering it recommended we'd get no where.

With that said, this issue should be closed. It doesn't have anything than can top BitWarden, nor KeePass clients.

lrq3000 commented 3 years ago

Although Passit doesn't have exceptionally innovative features and indeed is in competition with BitWarden, it doesn't preclude that it is an alternative that is still feature-rich from what I can see. It also has a few different features, such as the ability to import/export passwords as CSV files, which can be interesting for certain use cases, such as bulk migration (NB: BitWarden can import passwords in bulk but not from CSV files).

I think it should be added as a Worth Mentioning, but not as a recommendation (since it's not audited and younger).

privacytools / privacytools.io