What is Reddit's opinion of Password Manager for TREZOR?

From 3.5 billion Reddit comments

Yes, it's on the play store ( and source code here ) . Be warned, I didn't have much time lately to spent on the app, and looks like that something at Dropbox has changed, so it may not work correctly.

Hi, the data-format is open-sourced, so you could make a compatible app. We already did an Android app ( download here : https://play.google.com/store/apps/details?id=me.madriguera.pma ) and it's open-source too ( https://github.com/F7U12Team/password-manager ). This android version included a lasstpass import functionality.

For export/import,... the file is residing on your own account of Dropbox, it's as easy as get said file and move it somewhere else. If by import/export you mean to export the password to other managers, then your passwords may be at risks, as they probably need to be exported in plain text? Importing would be cool, it should be easy to do (import & export), but depends on the format of said data.

We (not related to trezor nor satoshilabs) have released a TPM for android https://play.google.com/store/apps/details?id=me.madriguera.pma and the source code is here https://github.com/F7U12Team/password-manager. It works offline, passwords are stored in the phone (and in dropbox if you choose to). We do have plans for a desktop version with offline capabilities too.

About your first question, the password manager does require dropbox in order to work and store the passwords. We developed an (unofficial, not related to satoshilabs) password manager for Android that doesn't require dropbox to work (file is saved locally on the phone). Check it at the Play Store or the source code.

We are working on a similar desktop app, but there isn't much to show yet.

> Why not make it so the Password Manager can be used offline and store the encrypted files on my device (phone/laptop, etc) rather than upload them to cloud storage? This way I could also create all my passwords on an airgapped computer.

If you own an Android device, you could try the PM for android : https://play.google.com/store/apps/details?id=me.madriguera.pma WARNING: I'm one of the developer of it, and it's not official or related to Satoshilabs. The downside, is that for the moment you have to trust us, since the code is not open-sourced yet.

The app is 100% compatible with the official chrome extension and could be used in offline mode.

>Android users should definitely get an option

There's an unofficial password manager for android https://play.google.com/store/apps/details?id=me.madriguera.pma (Warning I made it). It works with your dropbox and google drive account, but also offline and has the option to import password from lastpass. Unfortunately I didn't have enough time lately to update it and may not work anymore (also, not compatible with model T).

Model T implements webUSB interface (model 1 was going to receive the same feature too), this means that webpages could communicate directly with your trezor, hooray! No need for "apps" (like android password manager) anymore. I was told (or read, can't remember, might be wrong), that TREZOR team were working on a web version of their password manager (instead of the current chrome extension), so this app was no longer needed, but it looks like it's getting longer than expected. Due to several circumstances I'm not actively developing the app anymore. I had a lot of ideas like yours (offline, being able to configure your own server/ftp/...) but didn't have the time/support to do them.

> like when sharing passwords with others. There would be no way to give anyone else access

Password and data are encrypted with your unique seed, a person with a different seed could not decrypt your passwords (that's the point), the only way to share a password is in plain text, or if both persons have the same seed. Not sure how common is to share passwords with other people, but you could develop some process involving sharing some pub keys beforehand.

There's a LastPass importing feature in the un-official android app : https://play.google.com/store/apps/details?id=me.madriguera.pma

But I've recently heard people are having issues syncing with their Dropbox account, didn't have enough time to check. It may worth a shot.

Cool. A simple feature that would prevent loss of the entire database is doing periodic "backups" to a different file name (<hash>-<date>.pswd.bak or whatever), so that some history can always be restored, regardless of whether Dropbox' 30-day log is still in effect or not.

This would also be handy for recovery from when the app corrupts the database (yes, I know it's third-party, but you've sortof endorsed it).

I did a talk about this at FOSDEM last year, here's the video, and here the slides of the talk and some useful repositories one and two . There have been some changes in gomobile, so maybe something is a little outdated, but it should be easy to adapt. I talk mostly about Android, but it should be similar with iOS (I do not have an iOS device). (and here the app I talk about in the talk released on the play store, source code is also available)

In short, you could write you app with "full" native or use react native and bind it to your go code, or write everything in go (the interface will be in openGL). Accessing some features (usb, camera, storage,...) may be a little complicated, as you are required to ask for permission to perform some actions (in java) and pass the data to go.

The format of the file is public : https://github.com/satoshilabs/slips/blob/master/slip-0016.md

So anyone could create a program to read it,

if you feel comfortable with the command line and use Linux, I made a little tool/library to work with the TREZOR (you could read the passwords of your file) >> https://github.com/conejoninja/tesoro

And if you have a rooted android phone, you could copy your file to a special place and use the unofficial password manager for android (I made this too) : https://play.google.com/store/apps/details?id=me.madriguera.pma If you don't have a rooted phone, but used it before with dropbox, the file will be available offline on your phone.

The unofficial password manager for android ( https://play.google.com/store/apps/details?id=me.madriguera.pma ) works offline, (disclaimer: i'm the author of it, not related to trezor, source code here ).

Some time ago I proposed a change in the format so it will allow custom backends (like your own server, ftp,...) but didn't get any reply.

It may be no longer needed ( with the new firmware you should be able to access the web password manager/wallet on your phone on the web browser not any app), along with my lacking free time and support/help from the community, I'm no longer maintaining the project, but will be glad to help in an alternative.

Also you can try (unofficial) password manager for Android if you have phone that supports OTG:

• https://pma.madriguera.me/
• https://play.google.com/store/apps/details?id=me.madriguera.pma