by thrownaway954 2054 days ago
all the comments here are getting hung up on the encryption.

me, personally, i think you did a hell of a job with this. personally i'm not going to be sharing any launch codes with my spouse, so i could care less about how industry standard and unbreakable the encryption is, but for account based credentials like netflix and spotify, this is great.

also, the landing page is spot on showcasing what this app is and how easy it is to share with others. take a bow dude and i wish you some good fortune.

3 comments

Netflix yeah but how many bank passwords are going in there?

Consider there are at least three copies of the data at rest: on each member's phone and more seriously, assuming also on OP's server. How long until the whole database gets breached and shows up on PasteBin?

Then as another thread mentioned, it's trivial to brute force the whole heap of vaults trying 4-digit PINs and then look for treasure.

Hi imglorp - we don't save your passwords on our servers when you save them. It is only stored on your own device, encrypted. If you choose not to share, it will never leave your phone. When sharing, we use end-to-end encryption. When sharing, we only store the encrypted version of the shared content until it is received by the recipient (or 30 days whichever comes first). This is similar to the technique WhatsApp follows.

Yea but you can also just use Open-Source bitwarden and either self-host, use free-tier for personal use or buy their service for 10$/year and it also enables sharing credentials.

Thanks thrownaway954!