I've read several threads about the "best" password keeper and I'm trying to decide between Keepass and Mindwallet.
On the one hand, Keepass is open-source (which I consider a plus), but it uses SD storage. As it has been well documented, SD storage is not secure at all. So if there's an evil app installed that grabs all the data from my SD card, I would think a brute force attack on my Keepass file will allow the evil doer to have all my private information. I assume no one has found a way for Keepass to use the native storage on a Droid.
My other selected option is to go with Mindwallet, which is not open-source and thus we don't know everything the developer is doing with the full network access. This is NOT to say the developer is a bad person --- I have no idea what type of person he is. He could be a saint, but I don't know that. Is there a way to lock the network access for this app or some other way to ensure the app won't attempt to send my data where it does not belong? I do like the way Mindwallet works and that it doesn't require using SD storage. So, please, I'm not implying anything personal about the developer.
I know, I'm paranoid. Is there a way to use either of these apps by mitigating my concerns? Thanks!
On the one hand, Keepass is open-source (which I consider a plus), but it uses SD storage. As it has been well documented, SD storage is not secure at all. So if there's an evil app installed that grabs all the data from my SD card, I would think a brute force attack on my Keepass file will allow the evil doer to have all my private information. I assume no one has found a way for Keepass to use the native storage on a Droid.
My other selected option is to go with Mindwallet, which is not open-source and thus we don't know everything the developer is doing with the full network access. This is NOT to say the developer is a bad person --- I have no idea what type of person he is. He could be a saint, but I don't know that. Is there a way to lock the network access for this app or some other way to ensure the app won't attempt to send my data where it does not belong? I do like the way Mindwallet works and that it doesn't require using SD storage. So, please, I'm not implying anything personal about the developer.
I know, I'm paranoid. Is there a way to use either of these apps by mitigating my concerns? Thanks!