There is certainly no shortage of password managers for all modern operating systems. From traditional password managers like Keepass that save passwords locally to cloud-based solutions like Bitwarden that sync data between devices to increase the convenience of using a password manager.
The makers of the open source authenticator 2Fas Auth have expanded this year into password manager territories. Their 2Fas Pass application is open source and was launched just a few months ago.
2Fas Pass uses the same design principles as the oganization's authenticator app. It is designed with security and privacy in mind and follows the organization's local-first principle. Its zero-knowledge architecture protects data at rest and while in transit.
First, the basics. The password manager is available as a native app for Android and iOS only. You can install browser extensions to integrate it with desktop operating systems, but still need to run the mobile app as data needs to be retrieved from the application.
You can install the app free of charge and are not required to create an account. The very first thing you need to do after installation of the password manager is to generate secret words and set a master password. The first part happens automatically, the second asks for a password that needs to be at least nine characters long.
Once you have set the local password you are good to go. You need to download the vault decryption kit as a PDF or print it. This is the only option to restore access to the password database if you forget the password.
The password manager can import or export passwords. It supports a wide range of password services, including 1Password, Bitwarden, browsers like Chrome or Firefox, or LastPass. There is also an option to import a backup of 2Fas Pass passwords, for instance to move the database to another device.
2Fas Pass free vs. paid
The free version has three main restrictions. First, you can only save up to 200 items in the password manager. Second, you can't sync the passwords between devices. Third, you can only install and use one browser extension. The paid version removes the restrictions and costs about $10 per year. It is for you to decide whether the restrictions are too limiting.
Security tiers for passwords
One interesting feature of 2Fas Pass is the ability to set security tiers for passwords. The password manager supports secret, highly secret, and top secret tiers.
The main differentiating factor is access to the passwords. Secret passwords work with autofill and are also available in the browser extensions. Highly secret passwords become available only after you complete an additional confirmation step. Top secret passwords, finally, are isolated and they do not support autofill at all.
Closing Words
2Fas Pass is a new open source password with an interesting option to set the security level of individual passwords and a security- and local-first design. Desktop users may find the lack of dedicated desktop apps problematic. The limits of the free version may also keep some users from making the switch. While many may not run into the 200 passwords limit, restricting extension installations to just one browser could keep some users from even trying the password manager.
The price of a subscription is reasonable on the other hand and the only way for the organization to fund development and support.
Thank you for being a Ghacks reader. The post 2FAS Pass: local-first password manager from the makers of 2FAS Auth appeared first on gHacks Technology News.
0 Commentaires