I have created this thread to encourage a serious discussion about the security of Password Manager.
Personally, I have extensively used Sticky Password, Dashlane, Password Boss and Enpass.
I will be sharing studies and links about weakness, usability issues as well as my own experience.
For the past two days, I have been considering my options and I have finally settled on Sticky Password, but now I found out that Sticky Password does have some metadata unencrypted in its vault. I still have no idea what data they don't encrypt, but I will do some research on that matter.
Looking forward to hearing your insights and thoughts as well as you experiences.
Edit:
And excerpt form the link above
I believe I will contact Sticky Password and see what they have to say about this.
Personally, I have extensively used Sticky Password, Dashlane, Password Boss and Enpass.
I will be sharing studies and links about weakness, usability issues as well as my own experience.
For the past two days, I have been considering my options and I have finally settled on Sticky Password, but now I found out that Sticky Password does have some metadata unencrypted in its vault. I still have no idea what data they don't encrypt, but I will do some research on that matter.
Looking forward to hearing your insights and thoughts as well as you experiences.
Edit:
And excerpt form the link above
The only information that is not encrypted is limited metadata — for example, structural data such as row identifiers and field labels. This metadata does not contain any of the actual stored values like passwords, usernames, or secure notes. The encryption approach remains the same regardless of whether the vault is stored locally or synced online.
I believe I will contact Sticky Password and see what they have to say about this.

