The first question new Passpack users ask during sign up, without fail, is:
I just chose a User ID and Pass,
why do I need a Packing Key too?
At first glance the Packing Key may seem like a bit of a hassle. After all, Passpack is supposed to be a place to store your passwords so that you don’t have to commit everything to memory. So why the “extra” code? Why the Packing Key?
The short answer is: Double Data Security.
Unlike other Password Managers, Passpack uses a two-step access technique. Your User ID and Pass give you access to your Account. But the Packing Key is needed to actually access your data.
The “Pack” in Passpack comes from that bundle of locked up your passwords inside your Account. This way we can check your User ID and Pass when you Sign In, without exposing your passwords.
You unpack your passwords in your browser, and you pack them back up in your browser. Your Packing Key never travels over the internet. And it certainly never gets saved to our server.
Only the locked Pack gets sent to the server for safe storage. For good measure, it gets sent over a Secure Connection.
That’s a lot of extra protection in one little Packing Key. We thought it was worth the hassle.