> Am I being overly paranoid? How should I be approaching the issue of trusting the developers of password managers?
Hmm. Maybe? The trouble is at some point you have to trust someone and there isn't a good way to measure this. Even if the source of the iOS app was open (I don't know if it is, just a hypothetical) there is no guarantee that the source you looked at is the same that was used to compile the binary itself.
I use one for iOS. I sure hope it's trustworthy. But if it isn't...well I don't really know where to turn to. LastPass? I tried them before but was amazing at how awful the UX was and I was too paranoid that someone would eventually find a flaw, get in and expose everyone's passwords ever because it's a cloud service...I am likely too paranoid.
I've been complaining about the LastPass UX for years. Just in the past month I've noticed them start to quietly roll out improvements - one feature at a time. Gives me hope that in a few months the situation will be completely different. As for the trust thing, yeah... I don't even trust myself.
Hmm. Maybe? The trouble is at some point you have to trust someone and there isn't a good way to measure this. Even if the source of the iOS app was open (I don't know if it is, just a hypothetical) there is no guarantee that the source you looked at is the same that was used to compile the binary itself.
I use one for iOS. I sure hope it's trustworthy. But if it isn't...well I don't really know where to turn to. LastPass? I tried them before but was amazing at how awful the UX was and I was too paranoid that someone would eventually find a flaw, get in and expose everyone's passwords ever because it's a cloud service...I am likely too paranoid.