Per the github page “With the API stabilized, we aim to have AliasVault undergo a thorough security audit this stage. We have already initiated conversations with renowned cyber security companies who have taken interest in taking this on.”
I hope it doesn’t say as I didn’t bother to check - how do free projects get money for audits like this?
Good question. I don’t see anything about current funding. They do mention in the road map having a premium cloud subscription to cover cloud hosting.
I’m a keepass user myself. Too many hosted programs turn to crap one way or another. Let alone the trust componet. I hope for the best with this software.
Has this been audited? It’s easy to claim that something is secure, but there have been products that made such claims and were trivially exploitable.
The Github page says they are aiming to get one done soon.
They shouldn’t claim that an effing password manager is “secure” until after they’ve done an audit.
I’ll pass, thanks.
Do you have thoughts on 1password?
I’m curious why you asked this?…
Aren’t both of them password managers? I guess I wonder if someone has a preference for one over the other.
They are, it’s just odd to bring up an unrelated software.
I do use 1Password and like it, but I couldn’t compare it to this one.
I’ll optimistically sit back and see what comes of this. I’m happy with vaultwarden.
They said VaultWarden, not BitWarden. This shouldn’t affect them.
It could. The removal of “transparency” indicates to me that the clients might also stop being open source at some point and Vaultwarden doesn’t have its own clients.
One thing that jumps out at me reading the readme is the fact that it has a built in email server. Email is hard to get right, and I’m surprised a relatively young(?) project is working on getting all the moving pieces together rather than declaring it out of scope.
It’ll be interesting to see how it develops.
I would never trust a newly written email server and there is absolutely no reason not to use an already existing as a dependency to this project.
Thanks but i stick to keepass. It does the job






