Buttercup

Free & open-source password manager for Windows/Mac/Linux

Reviews

 

Discussion

You need to become a Contributor to join the discussion - Find out how.
Perry Mitchell
Maker
@perry_mitchell · Co-Owner Buttercup, Team lead @ Kiosked
After some time using other password managers both in personal and professional environments, by colleague and friend Sallar and I decided that what we really wanted from our password managers didn't exist. There's no solution that, for free, offers credentials synchronisation across every platform with support for merge conflicts and a choice in hosting environments. For those and many other reasons, we built Buttercup: Buttercup is a cross-platform credentials manager that aims to make authenticating yourself on multiple devices as easy as possible. Being open-source, Buttercup draws strength from the community which helps to keep it up-to-date and secure. It’s also free. Using a cloud storage provider of your choice, you can host your password archive remotely so that it can be accessed from anywhere. Buttercup supports a wide range of services - most of which are free to use as well. Buttercup’s secure archives are encrypted with modern algorithms using very strict standards for password derivation, IV and salt generation and packing. Buttercup stores no user identifiable information and any offline storage of login information is always kept encrypted by the user’s master password. Buttercup's direction, in the long term, will be that of free software for personal use or within small teams. We want to support Buttercup full time, and for that to happen we aim to form a business model around licensing large-scale application of Buttercup to organisations that need shared credentials and tiered security.
Nay Thiha@naythiha_
@perry_mitchell Hi Perry, may I know the difference with bitwarden?
Jerry Shan@shantianyun · iOS Developer
@naythiha_ @perry_mitchell took a look at bitwarden, haven't used it before and after looking at bitwarden's home page, it seems the biggest difference is that buttercup stores the data on local disk with option to sync with a third party cloud service, but bitwarden stores in their cloud. Vote for buttercup. I never used bitwarden so correct me if I am wrong.
Nay Thiha@naythiha_
@shantianyun Thanks Jerry. It's right. 🙂👍
Perry Mitchell
Maker
@perry_mitchell · Co-Owner Buttercup, Team lead @ Kiosked
@shantianyun @naythiha_ I also haven't used Bitwarden, but it looks quite nice. As I've always hosted by own cloud storage, having sync support with common *free* providers was a must. File storage makes it easier to either store offline or within a sync'd folder (Dropbox etc.).
Nay Thiha@naythiha_
@perry_mitchell Thanks Perry. 👍I have used 1Password with Dropbox but now on their cloud for some reasons. It's really useful to have a file. I intend to use free password managers for my employees who are not knowledge workers but they need credentials for the HR app like BambooHR for time off requests and messenging apps like FB Work Chat. 🙂
Perry Mitchell
Maker
@perry_mitchell · Co-Owner Buttercup, Team lead @ Kiosked
@naythiha_ I agree - having a file for me is a must (especially for backup purposes - which we'll later integrate). We definitely aim for Buttercup being as user friendly as possible for *groups*, and this is one of our next areas of improvement/expansion.
Nay Thiha@naythiha_
@perry_mitchell Great! Keep on. 👍
Siavash Mahmoudian@siavash · CTO at Breezio
@perry_mitchell @sallar Congrats on the launch! The product looks awesome!
Sallar
Maker
@sallar · Senior Software Engineer
@siavash @perry_mitchell Hey Siavash! Thanks a lot :) Im glad you like it :)
Hadi Farnoud@hadifarnoud · CEO of Kamva
Well done guys, looking forward to iOS app and extentions (also, would be great if you release a SDK for third party apps integrations like 1Password does). Did you guys consider autofill security issue when designed buttercup? Lastpass had same issue a while back
Sallar
Maker
@sallar · Senior Software Engineer
@hadifarnoud Thanks Hadi. We already have extensions for Chrome and Firefox, and the iOS app is underway. @perry_mitchell can tell you more about the autofill security.
Jerry Shan@shantianyun · iOS Developer
@sallar @hadifarnoud @perry_mitchell I am curious about the autofill security as well. @perry_mitchell Looking forward to hearing from you.
Perry Mitchell
Maker
@perry_mitchell · Co-Owner Buttercup, Team lead @ Kiosked
@shantianyun @hadifarnoud Of course. Form autofilling can be a serious security concern especially on fraudulent sites - stolen credentials is something we want to protect against. Currently we don't do any autofilling, but we allow users to select the credentials they want to be filled. This still isn't foolproof and would-be hackers could possibly still abuse the popup to gain secret information. This was going to be part of our browser extension refactor, but I've made it into a critical task here: https://github.com/buttercup/but... Right now I see it being of low risk, but of course you should check it out for yourself and make your own decision. We will be improving this area asap in the mean time :)
Csaba Kissi@csaba_kissi · Developer & maker of Hunter Analysis
Looks nice, Electron?
Perry Mitchell
Maker
@perry_mitchell · Co-Owner Buttercup, Team lead @ Kiosked
@csaba_kissi Yes - Electron has been a fantastic tool to get us into the cross-platform area from first release. Similarly, we'll be using React Native for our mobile application to achieve a similar goal :)
Csaba Kissi@csaba_kissi · Developer & maker of Hunter Analysis
@perry_mitchell 👏 👍
Olivier Plante@oplante · CEO, Thingthing Keyboard @thingthingapp
A mobile app is planned? I'm on iOS
Sallar
Maker
@sallar · Senior Software Engineer
@oplante Yes! Absolutely. We are working on the mobile clients right now.
Jerry Shan@shantianyun · iOS Developer
@sallar @oplante what's the progress for the mobile client? Any approximate release date?
Perry Mitchell
Maker
@perry_mitchell · Co-Owner Buttercup, Team lead @ Kiosked
@shantianyun @sallar @oplante We've only just commenced with the development, and crypto (with sufficient speed) is tricky. We'll announce an estimated date when we've made more progress :)
Jerry Shan@shantianyun · iOS Developer
@perry_mitchell @sallar @oplante Great. Looking forward to your progress.
Francis Perron@francisperron · Co-founder of GitMarket
I will be testing your app with Keybase private folder, so I can share company password with my partners.
Perry Mitchell
Maker
@perry_mitchell · Co-Owner Buttercup, Team lead @ Kiosked
@francisperron That's really cool! I'm on keybase too. It's a great platform for sharing small files, and our archives are compressed and should remain quite small.