Tools and links

This page gathers the most relevant tools, references and links that I use and recommend. Some may already be introduced in detail in one of my articles; others may be in the future. The list will be completed and updated regularly.

Communications tools

You can check the article My favorite communication tools for more details on this section.

Element
https://element.io/get-started
This is the most advanced client for communicating on the Matrix protocol and network. It is open source, end-to-end encrypted by default and decentralized, with private one-to-one chats, private group chats and public channels, plus chat, voice and video calls. It is multi-device (connect and sync all your devices on the same account) and multi-OS (web app, Linux, Windows, macOS, Android, iOS, …). You connect to users with their username and server address, so there is no need to share your phone number or email to get in contact. You can even run your own server, or pay Element to run a server with your own domain name for you, and connect to all other servers or not, as you wish. Note that the paid services only cover having your dedicated server run for you; if you use one of the public servers (like matrix.org) or install your own server, it’s free and always will be.

Threema
https://threema.ch
If you are looking for a bit more simplicity, this Swiss-based messenger is one of the most serious about privacy. Although it’s run by a private company, they do everything to keep users anonymous and collect as little metadata as possible. You can create an account without sharing a phone number or email; you get a unique ID to share with your contacts in person or by another means of communication. The app is open source and audited. It costs 4CHF, which you pay one time only to download the app on Android or iOS. You can also link a desktop app to your mobile (but it does not work standalone). They also offer subscription-based enterprise services.

Signal
https://signal.org
One of the most famous privacy-friendly messengers. It has a very strong user base that grew a lot at the beginning of 2021, thanks to good publicity on social media followed by media coverage after the infamous privacy policy update from WhatsApp in Spring 2021. It’s the simplest to use, but you have to share your phone number to use it, and you can only communicate with people whose mobile phone number is in your contact list. It’s very privacy focused, with almost no metadata kept on the app servers. The app has everything you can expect from a messenger app, with GIFs, stickers, and single or group chats with voice and video calls. The Android version can also manage your SMS in the same app and encrypt them, along with all the already encrypted Signal messages, locally on your phone to prevent unwanted access from other apps or a third party that may be able to access your phone. The apps and server are officially open source, but the app is controlled by a non-profit organization in the US, and they are not open to letting other people connect to their network with forks of the apps or third-party servers. They have also had some controversial episodes, but nothing critical has happened so far. The app community should therefore be followed closely if you use it; so far I still recommend it and it’s the app I use the most on my phone.

Password managers and security tools

You can check the article about password managers and authentication tools to get more details on this section.

Password managers

Keepass XC
https://keepassxc.org/
One of the best forks of the most famous open source, offline password manager.

Keepass2Android
Keepass2Android PlayStore link
A good open source Keepass app for Android, but unfortunately not available on F-Droid. If you use the Play Store or Aurora, I highly recommend it; it’s the one I use daily.

Keepass DX (Android)
https://www.keepassdx.com/
Another free, open source option for Keepass on Android. This one is available on F-Droid. It’s also one of the most used Keepass apps on Android. I used it and then switched to Keepass2Android for a practical reason, but I really like both and can recommend it as well.

Bitwarden
https://bitwarden.com
If you prefer the comfort of a password manager that is accessible online and syncs automatically for you, Bitwarden is my top recommendation. It’s open source and offers a free account or a paid (only 10€ per year) premium account.

U2F FIDO2 security key

Universal 2nd Factor (U2F) is compatible only with a few services like Google, Nextcloud, WordPress, GitHub, Microsoft account (including passwordless Windows unlock), Microsoft Azure, Amazon AWS, Dropbox and even Facebook (the security-friendly privacy-disaster). If one of your favorite services doesn’t use it, you should ask them to add it; the more people ask, the better the chances that it will come.

Yubico is the most famous brand and offers many models; the Yubikey 5 NFC is the most complete one.

Token2 is another brand, from Switzerland. It offers cheaper versions, with both a U2F-only model and more advanced ones that add TOTP and other options.

OnlyKey is another interesting product that offers a FIDO2-compatible U2F key, with exclusive features such as static password storage and hardware-side PIN protection. This is possible thanks to its 6-button design, so it might be slightly more complicated to use.

One Time Password (OTP) apps

OTP, and especially the TOTP variant, is a tool based on an open protocol that allows you to generate a unique password that changes (usually) every minute, which you enter in addition to your login and password to access your online accounts. It’s probably one of the most used second authentication factors (besides SMS, which is not really secure). Below are my app recommendations.

The hardware security keys listed above (Yubikey, Token2 and OnlyKey) all have a model that allows you to store and generate (via software) TOTP codes. If you already use one of these, you can use it for your TOTP as well, but be sure to have a backup in case you lose your key.

The password managers that I recommend above, Keepass and Bitwarden, are able to store and generate TOTP codes, but you might not want to store these in the same vault as your static passwords. See my complete article for more details.

andOTP is my favorite Android app for OTP. It’s free and open source, encrypts the database locally, lets you lock the app with a PIN or password, and can export an encrypted backup of your database.

Aegis Authenticator (Android) is another valid option for Android, with more or less the same advantages as andOTP.

Raivo OTP (iOS) is the only recommended option I found on iOS. It also has the same advantages as the two Android apps above, if you are a fan of Apple.