Because it’s closed source, there’s a higher likelihood that there is an undiscovered vulnerability in 1Password. Even though it is audited, a vulnerability could be introduced after the most recent audit and you would never know.
For something as mission-critical as a password manager, going with an open source solution gives just that much more confidence that your data is safe. To me it’s simply not worth the risk to blindly trust a company with my login data, when I could trust a company that displays their entire solution in the open.
Going to play Devil’s advocate here, but open source does not automatically mean that things are safe or that anyone is even auditing the code on anything that resembles a regular basis.
Heartbleed was introduced into OpenSSL source code in 2012 and wasn’t discovered and fixed until 2014
Because it’s closed source, there’s a higher likelihood that there is an undiscovered vulnerability in 1Password. Even though it is audited, a vulnerability could be introduced after the most recent audit and you would never know.
For something as mission-critical as a password manager, going with an open source solution gives just that much more confidence that your data is safe. To me it’s simply not worth the risk to blindly trust a company with my login data, when I could trust a company that displays their entire solution in the open.
Going to play Devil’s advocate here, but open source does not automatically mean that things are safe or that anyone is even auditing the code on anything that resembles a regular basis.
Heartbleed was introduced into OpenSSL source code in 2012 and wasn’t discovered and fixed until 2014
Absolutely, but it’s a probability game. Between those two options of BW and 1Password I’ll go with the choice that has the higher probably of safety.
Thanks, this answer in particular have me something to think about.