- Apr 16, 2016
- 78
Hey guys,
As I was reading around about password management apps, and was deciding which one to use, I started digging a bit deeper..
After being interested in Dashlane, LastPass, etc. I found out about Bitwarden here on MT. A great concept, OpenSource, nice features... I bought premium, more to donate for keeping up with OpenSource/free concept than for features, but nvm.
Anyway, I wanted to secure it with 2FA, so I started looking around - everybody recommends Authy on the basis of being "better" than the others - when I say everybody, I mean people who reviewed the app(s), or used/using it, etc. One of the arguments caught my eye - better than Google's "spy" 2FA.
Ok, we all know what Google is all about, no point arguing there. As for Authy, they are more open about what are they want from you - straight from their Privacy policy here (the SHORT version):
All this under pretense of providing a better service and in case I need to recover my account?
So, what do you guys think, how could one retain at least a semblance of privacy on the internet? And don't you dare mention TOR after this! There's more about it, just use the search...
Thanks,
Predrag
As I was reading around about password management apps, and was deciding which one to use, I started digging a bit deeper..
After being interested in Dashlane, LastPass, etc. I found out about Bitwarden here on MT. A great concept, OpenSource, nice features... I bought premium, more to donate for keeping up with OpenSource/free concept than for features, but nvm.
Anyway, I wanted to secure it with 2FA, so I started looking around - everybody recommends Authy on the basis of being "better" than the others - when I say everybody, I mean people who reviewed the app(s), or used/using it, etc. One of the arguments caught my eye - better than Google's "spy" 2FA.
Ok, we all know what Google is all about, no point arguing there. As for Authy, they are more open about what are they want from you - straight from their Privacy policy here (the SHORT version):
When you use our app we collect:
- Your phone number, device type, and email address.
- If you use an application that integrates our 2-factor authentication API, they will send us your phone number and email address so we can validate who you are on their behalf.
- We keep a record of your log-ins to accounts for which you use Authy for 2-factor authentication.
- We use the information we gather from you to monitor for unusual or suspicious activity in your account, to communicate with you about your account, and as additional information that can be used to validate who you are if you need to recover your account or your account has been or may be compromised.
- Websites and programs that integrate our 2-factor authentication API will be able to see information they sent us about you, your login activity to their website and program, and your primary device type, but not any other websites or programs for which you use Authy.
- We also share your data with our third party service providers as necessary for them to provide their services to us. We may also have to share your data with third parties if required to do so by law.
- Your data will be transferred to the U.S.
All this under pretense of providing a better service and in case I need to recover my account?
So, what do you guys think, how could one retain at least a semblance of privacy on the internet? And don't you dare mention TOR after this! There's more about it, just use the search...
Thanks,
Predrag