31. December 2020
We at Keestash see a lot of reasons to create the Keestash project. First of all, Keestash aims to be an open source Password Manager for everyone.
Identity: the most important thing in the digital era
Everyone uses passwords. Almost every online service we use hosts a profile – our digital identity – for us that needs to be protected. If we lose control of our digital identity, others can do things on our behalf. Things that harm us and/or others.
Passwords are so sensitive that not even online services want to store them in plain text. Further, passwords have to be strong and not guessable – even not for computers. Optimal passwords have a minimum length, have mixed characters and numbers, are not in any dictionary and different for each service. Further, Two-Factor-Authentication (2FA) or biometric authentication methods increase the protection a lot. Other authentication ways are: LDAP (Lightweight Directory Access Protocol), SAML (Security Assertion Markup Language) and complex IAM (Identity Access Management) systems.
Open Source ensures trust
We believe that Keestash will earn trust of private and enterprise customers by transparency and open source. As you entrust us with access to their identity, we must return the trust with a great sense of responsibility and transparency. The only way to achieve this is Open Source.
We think that proprietary software and the companys behind can never gain trust. And there are just a couple of Password Manager Open Source projects. How did we end up with this?
The answer is: there is no simple-to-use, easy-to-install, cloud-based and/or on-premise Open Source Password Manager. The lack of such software leads to many serious security issues, such as password sharing via email, WhatsApp or simply taking notes on post-its.
How will Keestash fix this?
We want to make public what we are doing. Everyone can audit Keestash’s code and contribute to it or fix issues. Enterprise customers with very high security and privacy policies will rely on Open Source. And also private users can be sure that their passwords are safe and secure.
In general, Keestash aims to:
- be easy to install and maintain
- be secure by default
- be easy to use
- offer toolings and guidance
Doing this, we do not differentiate between on-premise and SaaS (Software as a Service) based solutions. Hopefully, this will lead to a world with better protected identities.