Buttercup is an open source password manager for Windows, macOS, Linux, Firefox and Chrome

Ashwin
Jul 30, 2019
Firefox add-ons, Security, Windows software
|
25

There is no shortage in supply when it comes to password managers, but not all of them are open source.

Buttercup is a free password manager, which is open source and offers cross-platform support. Open source, at least in theory, gives everyone the opportunity to check the source code of applications or services to make sure they are clean, and to compile the applications manually.

Tip: check out Martin's review of his favorite password manager KeePass here.

Buttercup  is available for Windows, macOS and Linux, as a desktop application, for Firefox and Chrome as browser extensions and for Android and iOS. Every major operating system is supported by the password manager.

Buttercup encrypts the database in the .BCUP format using AES 256-bit CBC mode with a SHA256 HMAC (similar to what KeePass uses).

The best part about it is: you choose where the password vault is stored.  The program does not store the password database in the cloud on company servers; options that it provides are to save the vault data locally on the computer or mobile device, or to save it online using one of the supported cloud services:

  • Dropbox
  • Google Drive
  • ownCloud
  • Nextcloud
  • WebDAV

So, privacy isn't an issue with Buttercup. But, for your own peace of mind, just make sure you have 2-factor authentication enabled on the cloud service you are using for the vault for that extra layer of security. Check out our Dropbox, Microsoft Account, and Google two-step verification guides.

The service supports popular third-party cloud providers as well as self-hosted solutions; the latter options are more difficult to set up but they provide better control.

How do we get started with the password manager? Desktop version or browser add-on? That's your choice. Click on the + button to add a vault, you can add as many as you want. Use one of the above mentioned options, to create a new vault. I chose to create one in Dropbox. Now to the vault.

Managing the vault

Buttercup can import an existing password database from the following programs/services.

  • 1Password - .PIF
  • KeePass - .KDBX
  • LastPass - .CSV
  • Bitwarden - .JSON
  • Buttercup - .CSV

You can export your Buttercup database in the CSV format. Buttercup allows you to create groups which you can use to categorize your accounts.

Save logins (when you enter credentials)

Visit any website where you have an account and login, to see a "Save login" prompt. Doing so will allow the extension to store your credentials securely in your personal vault.

Save logins manually

To manually add an entry, open the vault, and click the "New entry" option. Enter the username, password, and URL in the respective fields and hit save.

Note: This wasn't working for me at all in the add-on. An issue on the GitHub page says that this was addressed recently. I tried re-installing the add-on in Firefox, and also tried the Chrome extension on Microsoft Edge Dev, but no dice. I tried this for a few days, and nearly gave up on this feature, but tried the desktop version to add new entries manually. It worked perfectly. This workaround might be a deal-breaker for some people.

Password generator

This is the 2nd most important feature next to securely storing passwords in my opinion in any password manager. You need unique and strong passwords for each account, and Buttercups password generator delivers just that. It is available in the extensions and desktop programs.

Options that are available here include adding low and upper case letters, digits, space, and symbols, and you can also set the length of the password. I found the option to use "Words" (it generates random meaningless phrases) to be odd. Regardless of how bizarre the sentence appears to be I'd rather not have pronounceable content in my passwords; it may be an option if you need to remember the password though.

Buttercup desktop

There are very few options in the program most of which are basic. You can use it to move logins from one group to another and for copying the password, username or URL to the clipboard. You can also store notes securely in Buttercup to protect them using strong encryption.

Note: Firefox warned me about the Buttercup installer saying "This file is not commonly downloaded."  It probably has something to do with the program having few users.

Buttercup is not available in a portable for Windows and macOS yet, but a Linux version is available.

Buttercup Add-on + Settings

The add-on has options to create a new vault, open an existing one, a password generator; basically just like the desktop version. It does have a few extra features such as auto-fill to fill out login information automatically.

Click on the icon which appears in the username or password field and it opens a pop-up menu which lets you search for the entry you wish to use to fill the fields. The other invaluable feature is that you can set Buttercup to automatically lock the vault and define the time after which it should lock it.  You can enable or disable a dark theme for the interface. And there's a Save option which you can set to show up when you fill up a form.

Buttercup mobile app

The Android app is bare-bones  and only allows you add a remote archive. So, there is no way to create a new vault and store it on the device. It supports auto-fill and clipboard copying, however. I did not test the application for iOS.

Where it impresses

  • The Buttercup add-on is brilliant, has a nice UI and is quite user-friendly. The option to store your vault in a location of your choice is good. The auto fill is handy too.
  • The mobile app can be of help when you are away from your computer and wish to access your logins, but it cannot be used on its own.
  • The desktop application is alright, but for one issue.

Where it falls short

  • New entries aren't being saved by the browser extension.
  • My major complaint is regarding the desktop program. While you can lock (close) an archive manually, there is no auto-lock option. So once you unlock an archive, it stays unlocked until you close it. This is a massive security risk, and I had to check the application multiple times to see if it was hidden. It is puzzling as to why the add-on has auto-lock, but the desktop version doesn't.

Yes, I know Buttercup is an electron based software, and I also know some of you love those. You can try the browser add-on if you want to, it's quite nice.

Buttercup's cloud service is quite similar to how I use KeePass across my devices. But I prefer the latter over any password manager, it's always been irreplaceable.

Closing Words

Buttercup is a cross-platform application that is pretty much available for every major system out there.  The application has certain strengths such as the ability to store passwords locally or using cloud providers or self-hosted solutions. It falls short in the features department, especially the mobile Android version is lacking and not usable on its own.

The option to store the password database in the cloud may be useful but it is not a unique feature. Even services that don't support it natively support it to a degree provided that you sync data with your local devices.

All in all, it is an option if you are looking for a cross-platform open source password management solution.

Now you: which password manager do you use, and why?

Summary
software image
Author Rating
1star1star1stargraygray
3.5 based on 12 votes
Software Name
Buttercup
Operating System
Windows, Linux, Mac, Android, iOS, Firefox, Chrome
Software Category
Security
Price
Free
Landing Page
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. foolishgrunt said on May 12, 2020 at 6:45 pm
    Reply

    I recently played through Chrono Trigger (a few times) on DraStic myself, and I know exactly what parts you’re referring to. :)

    Also, for extra credit.

    DraStic’s .dsv files are essentially raw .sav files, but with a few bytes of DeSmuME-specific data appended to the end (specifically so that this procedure outlined by Ashwin will work). On the other hand MelonDS (my preferred DS emulator on PC) cannot interpret this DeSmuME-specific data, and will need to be stripped out by a hex editor. In this case, you need to use a hex editor to strip it out. Open the file, find this at the very end:

    |<–Snip above h
    ere to create a
    raw sav by exclu
    ding this DeSmuM
    E savedata foote
    r:…………..
    ……….|-DESM
    UME SAVE-|

    …remove it, and save. Now you have a save file that you can import into any DS emulator that supports raw .sav files (presumably DeSmuME as well, though I have not tried).

    1. Ashwin said on May 14, 2020 at 5:09 am
      Reply

      Thanks for that.

      MelonDS is pretty good too. There is a new QT version in the works.

      https://twitter.com/Arisotura/status/1255059225371435011

      1. fakewooder said on July 26, 2021 at 8:19 pm
        Reply

        This worked from DraStic to MelonDS Android as well!

        DraStic seems smoother for the time being, but it’s nice to know you can transfer anytime.

  2. Trey said on May 12, 2020 at 9:00 pm
    Reply

    Nice tip foolishgrunt.

    Off topic but does anyone know the best way to play the original Majora’s Mask on Win10? Best emulator for it I guess?

    1. Ashwin said on May 14, 2020 at 5:27 am
      Reply

      Project64 https://www.pj64-emu.com/. Pretty straightforward to use. Enable the N64 plugin.

      You could try Mupen64, it’s good too.

      There are some pretty good texture packs that you can install to make the graphics look better.
      http://www.emutalk.net/threads/56677-Majora-s-Mask-N64HD-Project

      Just FYI, the 3DS remake which has some QoL improvements, runs flawlessly on Citra.

      1. Trey said on May 15, 2020 at 7:19 pm
        Reply

        Thanks Ashwin

  3. Mageia said on July 12, 2020 at 8:18 pm
    Reply

    I don’t have those options ‘Import Backup Memory”

    I have desmume 0.9.11 x64 on Linux

  4. delt said on September 10, 2020 at 7:46 am
    Reply

    Thanks for the info. I was playing a game called “Last window: secret of Cape West” (which wasn’t released where i live) and at one point there’s a puzzle that makes a rather weird usage of the DS’s hardware sensors, which i needed to test on a real DS.

    To convert a Drastic save file into a usable save file for the DSTwo cartridge, you just need to shave off the extra bytes with a command like:

    dd bs=1024 count=256 if=”input.dsv” of=”output.sav”

    …for a 256Kb save file. This should work on any Unix system, ie. Linux (including Android itself) BSD, MacOS etc. For winblows, well….

    Haven’t (yet) tested the reverse operation, but i’d presume if simply copying the file saved on the DSTwo back to the Drastic dir on my phone doesn’t work, i’d just need to re-append the extra few bytes at the end.

  5. Wouter said on February 3, 2021 at 9:22 am
    Reply

    Transferring the file from Desmume to Drastic doesn’t seem to work for me. I have a DSV and a NDS file with the same name in the backup folder from Drastic on my phone. But when I boot up the game in Drastic it just starts a new game. Anyone an idea what I could be doing wrong?

    1. guille said on March 8, 2021 at 1:40 pm
      Reply

      Try changing the save file to .dsv instead of .sav, worked for me.

  6. Anonymous said on February 14, 2022 at 4:18 pm
    Reply

    ok i try the drastic to desmume method with pokemon mystery dungeon explolers of sky and it doesnt work for me for some reason i just get new game option X_X

    1. Jesus Christ said on April 9, 2022 at 11:10 pm
      Reply

      Same

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.