Just for the heck of it I created a test account with their password manager with a few honeypot accounts on a VPS server.<p>Within 2 hours one of the "honeypot" SSH accounts I put in my password manager was accessed with the creds I provided in the password manager. Now I understand there is internet wide scanning but a succesfull login with a random 12 character username and password I had in my password safe is very unlikely to be a random bot account.<p>Tomorrow I might have a bit more time to throw a few more honeypot accounts in there and see if they attempt to login.<p>For the time being I would highly discourage anyone store their passwords there.<p>(using a random throwaway account for obvious reasons, I don't want any retaliation against my startup on my main account from these guys.)
This is suspicious. They have the VPN traffic, now they want passwords. Encrypted of course, but still. The trust just isn't there. The company is too young. I don't trust them just because they have great design and UX.
McAfee RememBear (!)
How's this any better than 1Password? I'd like to hear a compelling reason to switch besides "our app has a bear in it"