"KeePassXC was still free open source and developed by volunteers in their free time."
This is not a benefit. Within the next 2 years, be wary of a log4j level exploit within Keepassxc.
If a software isn't being supported by a steady source of income, it really quickly can get behind in security and tech debt.
After all the discussion on here about how we can support open source projects, why is it still a badge of honour to say that a software has no support and is functioning on life support by "volunteers in their free time"?
I'd suggest any users of KeePassXC take their money and put it where it counts: find the organization that develops KeePassXC and give them the $60 a year that it costs to buy a commercial password manager like 1password.
If KeePassXC has all the features you need, it's worth paying them for it.
LastPass was bought for $100 million and had some security howlers.
"pass", on the other hand, has no funding and no security vulnerabilities.
I'm pretty sure it's more secure to use apps engineered with a deliberately tight scope that arent lavishly funded than egged-up VC bloated monstrosities.
You wanna bet that building in electron is gonna keep 1password more safe? I wouldnt. The attack surface on that thing is gonna be huge.
Closed source products are really well known for investing in security and keeping tech debt to a minimum. This is why no commercial closed source product depended on something like log4j without thouroughly auditing it first. Oh wait...
This is not a benefit. Within the next 2 years, be wary of a log4j level exploit within Keepassxc.
If a software isn't being supported by a steady source of income, it really quickly can get behind in security and tech debt.
After all the discussion on here about how we can support open source projects, why is it still a badge of honour to say that a software has no support and is functioning on life support by "volunteers in their free time"?
I'd suggest any users of KeePassXC take their money and put it where it counts: find the organization that develops KeePassXC and give them the $60 a year that it costs to buy a commercial password manager like 1password.
If KeePassXC has all the features you need, it's worth paying them for it.