undefined
@aiono @lunarloony @nina_kali_nina yes I feel you. There's always a trust component. Indeed there have been nasty exploits in open source as well. Remember xz?
Alternatively you would need to build everything yourself. But then there's the "competency" issue. I am just not competent enough with encryption to be sure that I am implementing everything correctly, and not introducing possible exploits. And there's the "time" issue as well, of course. So I choose to trust the devs.
@aiono @lunarloony @nina_kali_nina
Yeah as I said, like many open source, it is all a community effort by individuals. There is a link from the official project page to an older version of the android app, it has been archived but you can still download the apk and it still works. The version in the app store is a fork that just implements fixes and dependency updates. There is no new functionality. I would say it is more open and reliable than any of the closed source alternatives.
@aiono @lunarloony @nina_kali_nina what do you mean with "official"? It is open source. You can check all code, even compile it yourself. It is all individuals who build and maintain it. There is no big company backing it.
@aiono @lunarloony @nina_kali_nina yes, there is an android app available that works quite good: https://f-droid.org/packages/app.passwordstore.agrahn
@mcc @jcnotwit the unix password manager does exactly that (and much more) and has an otp plugin, works fine. https://www.passwordstore.org/
@lunarloony @nina_kali_nina what I'm using is old school, open source, self hosted and ai free: https://www.passwordstore.org/