New Update Buttercup - A Simple Password Manager

J

JM Safe

Level 39
Thread author
Verified
Top Poster
Apr 12, 2015
2,882
Buttercup is a freeware and intuitive password manager, which uses AES 256 Bit encryption to secure stored passwords. Buttercup is available for Windows, Linux and Mac, but also for browsers (Chrome and Chrome-based browsers and Firefox and Firefox-based browsers) and for iOS and Android.
chrome.google.com

Buttercup

Browser extension for Buttercup
chrome.google.com chrome.google.com

desktop.png
 
  • Like
Reactions: [correlate], ForgottenSeer 100397, Vasudev and 5 others
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Bump.

Homepage: Buttercup
Made in Finland.
Buttercup is free to download and use and is available for Windows, Mac and Linux. Use it alongside the browser extension and mobile app for a completely portable experience.

Buttercup’s mobile applications employ similar safety techniques to banking applications, such as auto-lock and a security overlay when the app is minimized.
Click to expand...

exodus-privacy Report: εxodus
 
  • Like
  • Thanks
Reactions: [correlate], ForgottenSeer 100397, CyberTech and 3 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459

Buttercup

buttercup.pw buttercup.pw
github.com

GitHub - buttercup/buttercup-desktop: :key: Cross-Platform Passwords & Secrets Vault

:key: Cross-Platform Passwords & Secrets Vault. Contribute to buttercup/buttercup-desktop development by creating an account on GitHub.
github.com github.com

2023-10-15_11-16-52.png


After ditching ProtonPass ( free ) because with the version update 1.8.1, they enforced 1 main vault, that couldn't be used any longer as it was impossible to enable it without go for the paid version, I stumbled over this little cutie and several parts reminded me of F-Secures password manager that also is a local installed solution. Buttercup though has IMO a more pleasing UI and most important also works with Opera.

It don't exist any recent reviews from 2023 that I could find and user guides are pretty " spare ", but the import option was easy and after a few connection settings for the extension it's up and running. Here's a installation guide from 2022 that was more or less spot on:

 
  • Like
Reactions: [correlate], silversurfer, Gandalf_The_Grey and 3 others
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Notice: Thread moved from Extensions to Passwords sub-forum due to changes announced below. TLDR; Buttercup now requires the desktop app.


Desktop Update - Buttercup v2.21.0 for Chrome MV3 (November, 2023)
The upcoming browser extension release changes how the application works on a fundamental level, with vaults no longer being stored in the extension. After its v3 release, the extension will require the desktop application to be running for vaults to be accessible.

It is highly recommended that all those using the extension upgrade to this version as soon as possible.

This release adds support for Finnish and Japanese languages.
Click to expand...
Download: Releases · buttercup/buttercup-desktop

I've mentioned this several times on social media, but I'm aware that many people probably haven't read such updates. I think this is best handled as a discussion anyway.

What's changing​

Due to Chrome's manifest v3 changes, Buttercup can no longer run a daemon process in the background. This process, up until now, was used to keep decrypted credentials in memory while vaults were unlocked. The daemon didn't sleep and its memory was only wiped when the browser closed or the extension updated. Manifest v3 drops support for background (daemon) processes and in doing so will prevent Buttercup from working in the same way.

After toying with running Buttercup restfully in the new service worker model (it didn't work), I've decided to make some drastic changes to how the extension works: namely, that the browser extension will interface directly with the desktop application. All vaults, their statuses and their contents will be retrieved from the desktop application, running in the background, instead of from the extensions memory.

What does this mean?​

  • You will no longer have vaults stored in the browser extension
  • The desktop application must be running to use the extension
  • The browser extension's "vaults" will be the same as those connected to the desktop application
  • To use a vault in the extension it must be unlocked in the desktop app
  • Saved credentials from the browser will be saved via the desktop application
  • The local vault connector support in the extension will be removed, as you can natively access file-based vaults in the new model
This is a huge change for the platform, and not one I've decided on without giving it a bit of thought. I definitely preferred having the vaults isolated within the extension, but their were some problems:
  • Inefficient - obviously doing it this was wasteful CPU/memory wise as having them stored just once in the desktop application would be better
  • More effort - soon you'll just connect a vault once and it'll be available in both places
  • Unpolished - the extension has a few quirks, such as updates locking all vaults
I feel like this is genuinely better for Buttercup going forward.
Click to expand...
Discussion: Upcoming release: Requirement for Desktop application running · buttercup/buttercup-browser-extension · Discussion #451
 
  • Like
  • Thanks
Reactions: upnorth, Gandalf_The_Grey, silversurfer and 1 other person
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
Ditched (disabled) because Proton decided to fix their free version. But even that is clunky to use, still in my personal view better than Buttercup. Not sure how it could beat Bitwarden. :unsure:

Might enable and test Buttercup again soon, and see if I can notice any improvements.
 
  • Like
Reactions: CyberTech, I Walk MY Way, silversurfer and 2 others

Similar threads

Ink
    • Like
New Update Cloaked - mask your phone and email, password manager and OTP
Replies
0
Views
607
Passwords and passkeys
Ink
Ink
silversurfer
    • +Reputation
    • Like
Serious Discussion KeePassXC Password Manager
Replies
1
Views
719
Passwords and passkeys
silversurfer
silversurfer
BigWrench
    • Like
    • Thanks
Unlimited Giveaway Sticky Password Premium is a free license for 1 year. For all devices
Replies
0
Views
696
Giveaways, Promotions and Contests
BigWrench
BigWrench

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top