Well, I don’t know if you missed my content, but I have been really busy lately with other things (majorly, redesigning this website, then almost goofing it up, then finally done!). Anyway, without wasting your next 2-5 minutes that you will be here, let me just start!
Yep! I use a password manager
I’ve heard many times about these things that you shouldn’t be using one, as the app-makers are anyway watching you in spite of their so many declarations that they don’t, you should instead write them in some book or paper and keep it super-secure and indeed try to remember the most secure and confidential ones and noting them down anywhere!
My only answer to the above guidance is “I can’t be any of those persons ‘absolutely’, hence I choose the mid-way” (gray areas as they say in so many management books). Here is my approach to passwords:
- I remember password which I frequently use and which I consider to be the most secure
- I am too lazy to write down passwords on paper and even keep it safe and referring them back everytime when needed for websites I seldom / not so frequently visit.
- Also, I am too paranoid to use a cloud-based password manager.
When I came across MYKI (which was only a few months back), I was really pleased to realise as to how my void of those requirements was fulfilled!
Secure
Even this app claims it doesn’t store any data (except the mobile no. which is used “to allow you to restore your data to a new device, to be able to send you notifications and to enable credential sharing between users.”. These are MYKI’s words and not mine, and for that ‘sharing’ part you have a feature in-app to do so). The difference is that MYKI does not save any data on the cloud because this app does not have any web-based logins. The only limited ways you can use it is, by an app on your phone or your PC or through it’s browser extension.
MYKI works only via locally installed apps only; you want to use it on another device simultaneously you need to authorize it through the one where you have this app installed on; which is what no app, as far as I know, offers. Hence, I have concluded to consider it as secure! Below are some screens to add a device:
Features
Oh, 2FAs (TOTPs) too can be added here!
If you are the person who prefers the ‘all in one’ approach to things, then you can add your 2FA tokens too here. Well, I have an entire write up on 2FAs and an app that handles it well! I am not the person who will use 2FA with my password manager because I don’t want any single point of failures (never keep all fruits in one basket). So I always use authy for it!
Apart from passwords and 2FAs you can even add other things such as other form filling related details (eg: address), secure notes, ID cards and even payment cards (again I am not very much comfortable storing card information not only here but anywhere, infact!)
Autofill + Authorisation for logins
While Autofill is a given in any password manager these days, MYKI even offers authorised logins while using the app / extension on the PC.
Example: You want to log in to Twitter on your PC and have saved the password in MYKI (& even have the browser extension)
- While logging in on twitter.com, you will get a popup to use autofill using MYKI. Tap it
- You will get a notification on your phone to authorize your sign in (if you use MYKI as a 2FA authenticator too then it will even auto-fill that for you!)
- The password will be auto-filled and I can now simply login
Backup prompts (annoying but good in a way)
Auto-backups happen only when MYKI is installed on your PC, not on your phone (which is a bummer and I will cover it again in the end along with some other things that bug me!); on your phone you will often (okay, each time you open the app) get backup prompts to backup your passwords on your phone (or your PC via QR code scanning).
Backup files are completely encrypted (open that file in a text editor and tell me if you understand anything there). Additionally below is my paranoid’y approach to backup:
- Back it up on my phone
- Create a zip file of that backup
- Password protect that zip file
- Saving a copy of that zip file on my local PC
- Doing the above activity everytime when I add any password to MYKI
While those prompts are really annoying, I have pretty much convinced myself to treat as useful reminders – exactly what it intends to be!
Others
Enabling / Disabling screenshots
Pretty self-explanatory, but I am glad it’s there! (specially helped when writing this article!)
Sharing passwords
The people sharing their Netflix subscription with their family and friends will find this handy.
MYKI offers password-sharing among users. Passwords are shared with everyone, every time the initiator changes the password. (pretty neat!)
Shared passwords appear in the sharing center.
Password Generator
No password manager is complete without a password generator, and MYKI has it. So are you too lazy to think of a new password you want to set? or are out of ideas or combinations to think of one? The password generator will generate a totally random password for you, and you can even set criteria such as the length, conditions (uppercase, lowercase, characters, alphanumeric, etc.), etc., and it will display you, strings of characters in real-time. Once decided, you just need to copy it!
Pro features (trust me you can skip these!)
While MYKI is completely free to use, it offers some additional features such as ‘Tags’, making profiles, custom images for each password, adding custom fields while setting passwords. I am completely of the view that none of these are features one would even require. Seriously you can ignore the Pro bundle (by the way it costs ₹890 ($12)
Design
The design is very straight forward – relevant bottom bars, snappy interface, reliable autofill (I’ve tried Lastpass’s autofill on Android, it rarely worked ☹), etc. Also, a pro-tip, Tap on the bottom bar in the passwords section again and again, and you can cycle through the different tabs
However, there are few things which indeed bug me and they aren’t only the design:
- The settings section needs to be improved. Open it and there are no ‘settings’, only the device info! Okay, scroll down till the end, and you will find two options – Enabling/Disabling screenshots and Delete Account.
By nature, yes they need to be at the end, not easily accessible, but not that is when you even have other settings to offer. There are freaking only 2 of these options and IMO displaying Device Info under this section is by no means a good sign of ‘good usability’. If MYKI team anyway happens to read it, please reconsider tweaking it! 🙁
- Cross-platform inconsistencies: This is really a thing, I just don’t understand why there are noticeable UI differences between the android and the iOS counterpart?
Have a look for yourself – The iOS app has a bit modified bottom bar (with a very prominent ‘Add’ button in the middle). While the android app is very basic.
Also, the iOS app even offers showing recently used passwords for quick access and some other details too and their more section is more clean and even has a search option to search for settings (which are entirely missing in android)
- No light theme 🙁
- I am nitpicking now, but I have even highlighted this on Twitter, while MYKI’s Twitter account usually responds to user queries, they did not respond to it…
- No auto-backups in the mobile app!
Finally! some tips from me…
While the app is secure, in order to develop a more secure environment for your passwords in general, here are things that I would suggest:
- You can open the app using your on-device biometrics and by even a custom PIN. I would really suggest avoiding biometrics because If someone happens to add his/her biometrics on your device then even that person will now be able to access the app compromising security. Hence, using a custom PIN will greatly avoid this single point of failure!
- Would suggest my approach to backup passwords
- Avoid adding (or even writing down) passwords which in your opinion are of the most confidential nature and even those which might cause a single point of failure (for example: a Google/Microsoft account password compromise can leave you out of your own emails, contacts, calendars, activity data, files, etc.)
- Wherever possible use 2-Factor Authentication (can refer my article on it here)
One last thing I would like to point out. All the Cyber Attacks that happen, all of them have only 1 single point of failure – Human Negligence & Lack of Awareness. So as RBI says, “Jaankaar Baniye, Satark Rahiye!” (Stay Informed, Stay Alert!)
Here are the download links for MYKI (Free; IAPs-completely useless though IMO)
stay aware, stay appy 🙂
Let me know down in the comments section, your thoughts on passwords management!
Update | 2 March 2022 | How to Export your passwords data and Alternatives to MYKI
How to Export your Password’s data from MYKI
As I’ve mentioned at the top, MYKI is not a ticking bomb right now. Users have tie until 10th April 2022 to export all their data out of MYKI.
Luckily, MYKI has prepared a very comprehensive guide on “how to export your data from MYKI” which can be accessed using the below links-
- How to export your MYKI data on Android
- How to export your MYKI data on iOS
- How to export your MYKI data to your computer using the MYKI browser extension
- How to export your MYKI data using the MYKI desktop app (for Windows, Mac, and Linux)
Also, do note that you can easily import the data exported from MYKI into other popular password managers so that transition is smooth!
**Please note that the ‘passwords’ fie will be exported in plain format (.csv file) with no encryption. So, please take due care to permanently delete this file care when importing into some other password managers
Alternatives to MYKI?
So, MYKI’s offline approach was loved by many people. Unfortunately, not all password manager work in the same manner. While there are many alternative password managers available. I’ve done some research and handpicked the below apps to try out, and which are worthy alternatives to MYKI-
- Bitwarden Password Manager (free and Open Source) While it is not offline based and does have a cloud based portal. This is by means the most secure in this category because it has never been hacked till date. Plus, its code is completely open source for anyone to review and contribute to the project!
Bitwarden is completely cross-platform (available on android, iOS, desktop, extensions, web portal, etc.) - KeePass DX – KeePass is only available on android and is completely offline. It works by creating a database file on-device. Any changes to entries you make (passwords) are updated there. While it is secure, most users might find it pretty overwhelming to use + the interface too seems. yes, one thing is that the developer is actively working on it
- Keypify – Again, this is android only, but it’s in very early stages. It works in similar fashion as MYKI (offline with a web app) requiring QR code scanning to view passwords. It currently does not have any browser extensions or multi-device capabilities. I will be keeping track of developments to Keypify as it feels promising!
- Lastpass & Dashlane– The always popular apps for password management! But, free features are too limited now on these apps. Would suggest using Bitwarden instead!
I’ve personally switched to Bitwarden (as I need the browser extensions and cross device syncing for now). Importing my existing passwords from MYKI to Bitwarden roughly took me 1 minute. Plus, its free plan is way more generous than any of the mainstream password managers out there currently!
Here are the download links to all the alternative password managers mentioned above:
Bitwarden-
KeePassDX
Keypify
Lastpass
Dashlane
0 Comments