Comments on: Mobile? Plugin? USB token? Des…

By: Tara

Tara — Fri, 12 Jun 2009 17:13:09 +0000

@John
Two factor authentication is on the list for a while now. We will add it. When though, I don’t know. I can tell you that we have a very tight development schedule over the summer, and 2 factor isn’t among the tasks. So it’s still some time off.

As far as getting automatic password updates – that would be a neat trick. :)

@Ricardo
Thanks for the suggestions – and glad you’re happy! Happy is good.

By: Ricardo

Ricardo — Fri, 12 Jun 2009 16:00:17 +0000

First of all, I love PassPack. I moved from a desktop based system to PassPack and do not regret it. My wife is still a bit skeptical about security, but I’m not.

After using it for a bit there where two features I wish for.

1) Mobile phone access. On that front I was amazed that my brand new Palm Pre’s browser could access PassPack w/o problems!! (At least none that I’ve found in the few minutes I used it.)

2) I tend to store more than just passwords for website in PassPack. I do credit cards, important ID numbers, software licenses, social security #’s for the family, etc. Would be nice if PassPack eventually supported other types of entries.

Otherwise… I’m happy!!

By: John

John — Mon, 01 Jun 2009 05:49:22 +0000

Is there any hope of getting two form authentication in the near future? As a means of authentication with Passpack.com this would helpful to further enhance the security of my transactions regardless of which computer I connect from….the disposable password is an interesting idea but requires that I know before hand that I am using a potentially insecure device.

It would also be great if you could find a way to work dynamically changing passwords with the 1 click login for websites. For example, Passpack changes my gmail.com password every time I login (via 1 click) and keeps the latest password stored in my passpack file. As a paranoid user I would like to have the ability to change my passwords rather dynamically….that way if my connection is somehow hacked at least I can limit the damage.

I appreciate that its hard to code when there isnt a standard API (for changing passwords) for every site. It might make sense however for the more “popular” sites to code change password functionality.

By: Tara

Tara — Fri, 23 Jan 2009 17:21:14 +0000

Of course it’s ok to comment here! Sorry about the catpha, I’ll add your votes for you.

For developers, we’ve released a Host-Proof Hosting open source library. That’s not a password manager, it’s a base to work off of to create any type of application.

For companies that are looking to run Passpack off their own server, we’re close to starting beta testing our Black Box product.

And I’m always welcome to more suggestions too if that’s not exactly what you had in mind.

Cheers!
Tara

By: Jason Bray

Jason Bray — Fri, 23 Jan 2009 15:50:44 +0000

My eyesight isn’t the best and I have an exceptionally hard time deciphering captchas… I do understand their purpose though so I’m not complaining. I want to vote for my fav ideas here. I hope that’s ok…

I personally like these the best:
- Passpack for web-based phones and PDAs (Android, iPhone, Nokia)
- Optional USB security token during login (two factor authentication)
- Two way sync between Passpack Desktop and Passpack online accounts
- Secure document storage

Also… have you guys considered figuring out a way to market your method for securing data? I’m sure there would be educational institutions/businesses/web developers who would like to make things as secure as Passpack does but they might want a system they could run on their own servers. I don’t mean to sound ignorant… I know you must have given this some thought. Seems there could be some interesting possibilities there though.