Require Open Source for Password Managers

The firms auditing it know better than most people, but yes, it would be better if it were fully open source.

If there’s a data breach of your password vault, then they won’t have anything because it’ll all be encrypted.

E2EE doesn’t mean the user controls the keys; it just means it’s encrypted between two points, like your phone and your friend’s phone. I guess a better term is zero-knowledge encryption, but regardless, nothing about it means the user needs to control the keys.

1 Like

True, but you still have to trust the provider that it’s encrypted and if there’s a data breach, they can still harvest the encrypted data and decrypt it later, although it wouldn’t matter as long as everyone changed all their passwords right after the data breach.

If the user controls the encryption keys, the risks of a backdoor are much lower.

Also should we make a poll for this (to see whether or not the majority of users here are in favor of requiring open source for password managers) or make a separate thread for prioritizing local storage password managers?
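The zero-knowledge model the last few posts argue about (the key is derived from the master password on the client, so the provider and anyone holding a breach dump see only ciphertext) is easy to show concretely. The following is an added illustration, not code from any poster or from any password manager named in this thread. It assumes a PBKDF2-stretched master password, an encrypt-then-MAC vault record built from HMAC-SHA256 (used in counter mode as a stream cipher, chosen only so the script runs on the Python standard library; a real product would use AES-GCM or XChaCha20-Poly1305 with Argon2id), and a separate login verifier so the server can authenticate the user without ever holding the vault key. The vault contents are constructed sample data.

```python
import hashlib
import hmac
import json
import os
from typing import Optional, Tuple

KDF_ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 cost; the only brake on offline guessing of a leaked record


def derive_keys(master_password: str, salt: bytes, iterations: int = KDF_ITERATIONS) -> Tuple[bytes, bytes, bytes]:
    """Client side only: stretch the master password into three independent keys.
    enc_key and mac_key never leave the device; auth_key is used solely to prove login."""
    root = hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, iterations, dklen=32)
    enc_key = hmac.new(root, b"vault-encryption", hashlib.sha256).digest()
    mac_key = hmac.new(root, b"vault-authentication", hashlib.sha256).digest()
    auth_key = hmac.new(root, b"login", hashlib.sha256).digest()
    return enc_key, mac_key, auth_key


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 as a PRF in counter mode (stand-in for a real AEAD cipher)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_vault(master_password: str, vault: dict, iterations: int = KDF_ITERATIONS) -> dict:
    """Runs on the client. The returned record is everything the provider ever stores,
    i.e. exactly what a breach of the provider's database would expose."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key, auth_key = derive_keys(master_password, salt, iterations)
    plaintext = json.dumps(vault, sort_keys=True).encode()
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()  # encrypt-then-MAC
    return {
        "salt": salt.hex(),
        "nonce": nonce.hex(),
        "iterations": iterations,
        "ciphertext": ciphertext.hex(),
        "tag": tag.hex(),
        "login_verifier": hashlib.sha256(auth_key).hexdigest(),  # server checks logins against this
    }


def decrypt_vault(master_password: str, record: dict) -> Optional[dict]:
    """Runs on the client; returns None on a wrong master password or a tampered record."""
    enc_key, mac_key, _ = derive_keys(master_password, bytes.fromhex(record["salt"]), record["iterations"])
    nonce, ciphertext = bytes.fromhex(record["nonce"]), bytes.fromhex(record["ciphertext"])
    expected_tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected_tag, bytes.fromhex(record["tag"])):
        return None
    plaintext = bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))
    return json.loads(plaintext)


def check_login(record: dict, master_password: str) -> bool:
    """Server side: the client sends auth_key; the server compares its hash to the stored verifier.
    Even a malicious server learns nothing about enc_key or mac_key from this."""
    _, _, auth_key = derive_keys(master_password, bytes.fromhex(record["salt"]), record["iterations"])
    return hmac.compare_digest(hashlib.sha256(auth_key).hexdigest(), record["login_verifier"])


def breach_dump_leaks(record: dict, vault: dict) -> bool:
    """Does anything stored server side contain a vault secret in the clear?"""
    dump = json.dumps(record)
    return any(str(secret) in dump for secret in vault.values())


if __name__ == "__main__":
    sample_vault = {"example.com": "correct horse battery staple"}  # constructed sample data
    record = encrypt_vault("a long master passphrase", sample_vault)
    print("provider stores:", json.dumps(record, indent=2))
    print("leaks a secret:", breach_dump_leaks(record, sample_vault))
    print("wrong password decrypts to:", decrypt_vault("guess", record))
    print("right password decrypts to:", decrypt_vault("a long master passphrase", record))
```

What the record makes visible is the remaining risk the thread goes on to argue about: a stolen record yields nothing directly, but it can be attacked offline by guessing master passwords through the KDF, so the KDF cost and the master password strength are what the user actually controls in the cloud model, and the provider's client code is what you still have to trust to derive the keys this way.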

I’m never going to use a local password manager, even if more secure. I like the convenience. Not sure if such a thread is proposing to kick out cloud based managers.

I don’t think we should prescribe prioritization or local vs cloud, but explain the risk and usability benefits if that hasn’t already been done.

Maybe the local password managers could be listed first and the cloud password managers could be worth mentioning (worth mentioning should return, for some categories at least).

1 Like

How do you know that?

One thing is that you would need to look at security in broader terms. The CIA triad dictates security in 3 manners: confidentiality, integrity, and availability.

Cloud-based providers can help with the A part of this, availability. When your phone gets smashed or when your computer crashes, you can simply log in on another device and you are good to go.

One may argue that indeed confidentiality is a very important part of security, but it’s not the only thing that matters, especially with folks who are less tech savvy, who are unlikely to make proper backups.

1 Like

It totally depends on how knowledgeable that user is. In opsec, you have to factor in “the users” as well since they are sometimes the weakest link. I will never let my mom, who is tech-illiterate and lives far away from me, use a local password manager. Privacy Guides should provide resources for the masses as well, not just the tech-savvy.

1 Like

Anyone can back up their passwords onto other devices, so this is a non-issue.

If they lose their passwords then it’s their own fault for not making proper backups.

If this is your attitude then we no longer have to discuss. All I am saying is that while I acknowledge the upsides of an offline password manager, there are also downsides for non-tech-savvy users, a lot of whom read PG as well. We try to keep a lot of threat models in mind, and cloud-based ones are often just the best option for the aforementioned users; you are always free to use an offline one yourself.

We will just have to agree to disagree here.

3 Likes

As Niek says, not everyone is tech savvy. You or me or most of the people visiting this forum are aware of how to operate a computer or mobile device, but let’s say my kid or my wife or my neighbour has no clue about it. When they use a computer or mobile they only know which buttons to push and don’t care about anything else because just pushing these buttons is doing what they want. They don’t need to, and don’t want to, know anything else.

So, no, you cannot put blame on users because they are not good with tech. The software should do it instead, and while doing that it could try to educate people, ELI5 style. But saying things like the below is not the proper way to communicate with or treat people.

Then make video tutorials on how to make backups, transfer data from your computer to your phone (no cloud storage required, just a USB cable), and import passwords into another password manager. It’s easy. Even normies could do it. To me, this privacy journey isn’t just about using X instead of Y, but making lifestyle changes and cutting tech and the internet from my life. It doesn’t matter how reputable a cloud provider is. There’s always the risk associated with trusting a provider with anything, and passwords are the last thing I’d want to trust anyone else with.

1 Like

Until the security of Linux and operating systems in general is improved, cloud-based providers may actually be safer than having an offline/local one, unless the local one is on a device that never connects to the internet. Their servers most likely have a smaller attack surface, as they aren’t downloading and running programs made by devs with varying levels of competency, they aren’t browsing the internet on browsers that may be actively exploited (here’s a recent Chromium one: NVD - CVE-2025-6558), and (in theory) they’re being monitored by people who are used to spotting threats.

1 Like

lol just what “normies” want to do, spend time managing two password managers.

I think you’re projecting your own personal privacy goals onto everyone else. Not everyone’s goals or needs are going to be the same. A lot of these “normie” users have no need, threat model wise, to avoid the cloud. Not to mention, it adds another layer of inconvenience for people just trying to upgrade from keeping their passwords on the back of a manila folder in their computer desk.

There are plenty of proprietary tools that could be considered better than FOSS alternatives, but it doesn’t mean that PG should just forget all the FOSS benefits and give up on it by including proprietary tools when it’s not necessary :face_with_diagonal_mouth:

KeePass, Bitwarden, and Proton Pass are enough for pretty much 99% of people. I have transitioned a lot of my family members and friends into one of these password managers from just reusing the same password everywhere, and all of them are happy.

And again, audits are not a replacement for open source.

4 Likes

Bullshit. Locally storing your passwords where they never leave your devices is less attack surface than trusting a provider whose ownership, privacy policy, and security can be compromised at any time. Your passwords aren’t in a centralized database which is likely a much bigger target for hackers. Besides, you’re still running the software on your device regardless.

1 Like

I think you can just boil this down to a fundamental disagreement. We both know each other’s points and arguments, but we just disagree; that’s fine, we are allowed to have different views on things :).

2 Likes

One more benefit is that password managers like KeePassDX are completely offline, so they can’t even exfiltrate your database.

2 Likes

Yeah we are, and I think we should make a compromise and write more about the pros and cons of local vs cloud password managers. Maybe PG can cater to both normies and advanced tech-savvy users (and although not as applicable here as other categories, ideologies as well).

And 1Password should be removed regardless because it’s closed source and we already have several other password managers which are enough for most people. 1Password is frequently audited? So is Bitwarden.

4 Likes

This is 100% what’s happening.

I also think this is a pretty good recommendation and think PG should do this.

1 Like

Maybe a neat idea for an article on the blog? @KevPham @fria @em

3 Likes