[tetris11]

Resric is great but the lack of empty passwords, and the response by the developer about it is very grating:

https://github.com/restic/restic/issues/1786

[bandyaboot]

He very politely said he thinks it’s better to keep the password requirement in place and was deciding to do that. What’s grating about that? Personally, I think his concern about users mistakenly not setting a password could be alleviated with an explicit —insecure flag, or similar.

[BrandoElFollito]

This is the exact reason why I do not use restic.

This is a backup tool, not a security one. The fact that the author does not understand this is a real problem and a red flag.

[aborsy]

It’s a good idea to enforce passwords for security. The features of backups done right are incremental backup, snapshot, deduplication, encryption and compression.