I have just changed my password manager from 1Password to KeePassXC. I have not experienced any problems with 1Password. There was one thing that was on my mind that I couldn’t quite get over: my data is stored in the cloud.
I have been building a general skepticism of “the cloud” over the last few weeks. The cloud used to sound like this wonderous place where all of my computing problems would be solved. If I couldn’t do something on my local machine, I could do it in the cloud. I chose a cloud password manager because all of my passwords would be available on all of my devices, at all times. This convenience originally meant a lot to me.
Seeing as how I do not use my phone often, the synchronization services offered by my password manager are not meaningful. I am paying for a service whose primary benefit to me was synchronization and I am not using that feature. I decided to cancel 1Password today because I was unsure on exactly what value I was getting out of the service.
A Better Alternative
I considered a number of alternatives to 1Password. One of them was a command line utility called pass which encrypts your passwords using your PGP key. It was promising but I fear its barrier for entry is too high. I got confused during the set up and I would rather not lose my passwords. I looked at some commercial alternatives but if I am being honest I did not want to pay for a password manager.
I found KeePassXC earlier today which seemed promising. I took a quick look on their website and they had everything I needed. They were a password manager that would encrypt my passwords. They would provide a client which I can use to access my passwords. Open source has done me proud.
Storing data in the cloud with 1Password was a big problem because I don’t like the idea of my passwords being beamed off my computer into the great abyss that we call “the cloud,” over the internet. They may be secure but I would much rather keep my passwords at home where I can keep an eye on them. The cloud is not owned by me; anything could happen. 1Password could shut down. A security leak could compromise my passwords. Unlikely though it may seem, these are possibilities.
This was not my only concern. 1Password has done its job: it has given me storage services for my passwords. It has not done it very well when I think about it. This was a realization I had when I started researching Sublime Text last month. I learned that there was a better alternative to Atom. Knowing that this alternative exist made me consider how much time I had spent using a subpar tool.
1Password is a great tool. It did rub me the wrong way a few times. There were days where I had to restart the software to get it to work. It takes a while to find a password. Its autocomplete feature in Firefox does not work for me. (To make the comparison fair, I’d like to exclude this fact. KeePassXC does not have an extension in Firefox. Never mind. KeePassXC actually does have a Firefox extension. I’m installing it as I write.) I have found a better alternative in KeePassXC.
Switching to an open source password manager makes me feel more comfortable about how I store my passwords. My passwords are now stored locally. I do not need an account on a cloud service to access them. That way, I don’t need to worry about the dependability of 1Password. All I need is for my computer to be working well.
Like any open source software, I can see the code for KeePassXC. I haven’t taken a look at it and I probably will never do so. Still, this is important to me. I know that I can trust them because their code is available for anyone to read. If their services included vulnerable code, I’m sure that there would be at least one contributor who noticed and fixed the problem. Open source developers are devoted to the technologies they build in my experience.
This doesn’t matter as much to me but I am no longer paying for a password manager. KeePassXC is free. I am comfortable paying a premium for good software. That’s why I bought Sublime Text. This is significant because it makes me realize how little I need to pay for on the internet. I’ve trimmed down my online spending to almost nominal amounts. I have a few subscriptions. Aside from the NYT subscription that I cannot seem to cancel because they have no email address or button to cancel and their customer services staff are always busy (sorry, mini-rant!), my software costs are low.
What I like about open source software, in addition to everything else I’ve mentioned, is that it is usually non-commercial. It’s open to the world. Open source is not about earning money that ends up going to shareholders. It is about creating good software. That’s why I think there are so many strong open source alternatives to software. When developers have noticed a problem in an existing solution, they have been motivated by that experience to create something better. Money doesn’t need to be part of it.
Choosing Open Source
I would definitely move to an open source tool again. I’m sure that I will encounter deficiencies with KeePassXC. No software is perfect. I do believe that I have chosen the better of the options available to me. I am using a tool whose code is open and accessible to the world. I am no longer paying for a piece of software that does not work as well as its alternatives. I am happy with my choice.
I have used open source software for a long time. Many of the developer technologies on which I rely are open source. It’s just that I haven’t given much thought to just how much is open source. I wonder if there are other tools to which I can switch.