![]() There are so many things to think about by you, in addition also it's risky business. It needs to be easy, have an easy to understand UI and a good documentation. This thing is not being used by pros like RoyalTS(X) but it is being used by totally unlearned untalented normal people. There's TOTP and configurable Webpage forms. fingerprint auth in iOS or on the new MacBooks (regardless me liking this or not). ![]() There are lots of things, people do use and like, e.g. I in person need to let three keychains being opened up in untrusted Windows also, as well two personal ones on iOS and macOS so there needs to be advanced syncing option - via several clouds, local storage and even Wifi. It is not Safari, Firefox or Chrome only. In addition, you could make the encryption algorithm open source or use one, that is well known and point out how you do use it. So How could you gain trust? You might need code reviews as well as a public statement. The very first two things to start thinking about is trust and encryption. Keychain management itself is not done from now to tomorrow. I thought myself whom would I give trust? Yes, there are ton's of "passwordmanagers" in the wilderness, but none of them is a suitable keychain manager in a security, trust and feature point of view. I am searching right now for an alternative to the software I'm using and I don't find a solution that fits on this planet. There is a huge demand, if you realize what is happening to AgileBits -> Link.
0 Comments
Leave a Reply. |