Passpack Blog
http://blog.passpack.com
Passpack keeps your logins safe, organized and available 24/7. You can share passwords with your team in 100% privacy.
Feed last built: Tue, 29 Jan 2013 17:21:57 +0000

PayPal issue
http://blog.passpack.com/2013/01/paypal-issue/
Mon, 28 Jan 2013 17:54:50 +0000, by Francesco

Since yesterday, PayPal has not been sending us confirmation notifications for payments, so the system is unable to update the status of the accounts. We could do this manually, but when PayPal solves the issue, it will probably send all the notifications, and this could create worse issues. So we are waiting for a while. If nothing happens, we will fix the updates manually.

UPDATE, Jan. 29. The strategy worked: PayPal sent all the notifications at once, and all the accounts have been upgraded correctly.

 

The new Adobe AIR damages the Passpack Desktop’s Local Storage
http://blog.passpack.com/2012/08/the-new-adobe-air-damages-the-passpack-desktops-local-storage/
Fri, 24 Aug 2012 15:43:13 +0000, by Francesco

Your attention, please.

The new Adobe AIR, on some operating systems, resets the Encrypted Local Storage where the local Passpack Desktop data is stored. So, please, before upgrading to the new Adobe AIR, back up your local data from “tools > backup” so that, if the data is lost after the upgrade, you can restore it.

If your data is lost, the only way to recover it is to restore your operating system to a restore point from before the upgrade to the latest Adobe AIR. Some users were able to recover all their data this way. After recovering the data, please back up the entries before upgrading again, and restore the entries after restarting the account.

Quick PIN on mobile devices
http://blog.passpack.com/2012/04/quick-pin-on-mobile-devices/
Mon, 16 Apr 2012 02:38:41 +0000, by Francesco

The biggest problem with the mobile version of Passpack is typing a long Packing Key. People often type the wrong one and have to repeat the process. That’s painful on a touchscreen keyboard.

So, I have just released a solution to this problem: a 4-character PIN that substitutes for your Packing Key. This PIN is device specific; in other words, you set up a different PIN for each phone and tablet.

It works in a very simple way:

  • your Packing Key is encrypted using a randomly generated key
  • the random key is stored in the local storage of the browser on your device
  • the encrypted Packing Key is sent to our server with the PIN

Next time you log in to Passpack on that device, you’ll be asked for the PIN instead of the Packing Key. You have 3 attempts to type the correct one. At the third mistake the PIN will be deleted and you’ll need to type the Packing Key as usual.

When used with the Remember me option, this is a great time saver!
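The flow in the three points above, together with the three-attempt rule, sketched as an added example that is not Passpack's code. AES-256-GCM, the scrypt PIN hash, the counter reset on success and all names (`PinServer`, `enrollDevice`, `unlockWithPin`) are assumptions; the point it shows is that the server holds only ciphertext while the device holds only the key.

```javascript
// Added sketch of the Quick PIN flow. AES-256-GCM, scrypt PIN hashing and
// every name below are assumptions; the post does not describe Passpack's code.
const crypto = require('crypto');

// Server side: holds the encrypted Packing Key, a salted PIN hash and a
// failure counter. It never holds the device key, so it cannot decrypt.
class PinServer {
  constructor() { this.records = new Map(); }
  store(deviceId, pin, blob) {
    const salt = crypto.randomBytes(16);
    const hash = crypto.scryptSync(pin, salt, 32);
    this.records.set(deviceId, { salt, hash, blob, failures: 0 });
  }
  fetch(deviceId, pin) {
    const rec = this.records.get(deviceId);
    if (!rec) return null;                      // no PIN set: use the Packing Key
    const guess = crypto.scryptSync(pin, rec.salt, 32);
    if (crypto.timingSafeEqual(guess, rec.hash)) {
      rec.failures = 0;                         // assumption: success resets the count
      return rec.blob;
    }
    rec.failures += 1;
    if (rec.failures >= 3) this.records.delete(deviceId); // third mistake deletes the PIN
    return null;
  }
}

// Device side: `storage` stands in for the browser's local storage.
function enrollDevice(packingKey, pin, storage, server, deviceId) {
  const deviceKey = crypto.randomBytes(32);     // randomly generated key
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', deviceKey, iv);
  const ct = Buffer.concat([c.update(packingKey, 'utf8'), c.final()]);
  storage.set(deviceId, deviceKey);             // the key stays on the device
  server.store(deviceId, pin, { iv, ct, tag: c.getAuthTag() });
}

function unlockWithPin(pin, storage, server, deviceId) {
  const blob = server.fetch(deviceId, pin);     // the server enforces the attempt limit
  const deviceKey = storage.get(deviceId);
  if (!blob || !deviceKey) return null;
  const d = crypto.createDecipheriv('aes-256-gcm', deviceKey, blob.iv);
  d.setAuthTag(blob.tag);
  return Buffer.concat([d.update(blob.ct), d.final()]).toString('utf8');
}

// Constructed walk-through: one good login, three bad guesses, then the
// correct PIN again after the record has been deleted.
function demo() {
  const server = new PinServer();
  const storage = new Map();
  enrollDevice('constructed packing key', 'xsTT', storage, server, 'phone-1');
  const ok = unlockWithPin('xsTT', storage, server, 'phone-1');
  const wrong = ['arfk', 'xstt', 'XSTT'].map(
    (p) => unlockWithPin(p, storage, server, 'phone-1'));
  const afterLockout = unlockWithPin('xsTT', storage, server, 'phone-1');
  return { ok, wrong, afterLockout, pinStillSet: server.records.has('phone-1') };
}
```

Because the attempt counter lives on the server, someone holding the device cannot reset it by clearing local state, and after the third wrong guess even the correct PIN no longer returns the ciphertext.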

Managing PINs and devices

From the Settings page, you can see what devices you have already activated and, possibly, remove them.
This is particularly important if you lose your mobile device.

About security

Initially I was thinking of using a numeric touchpad, like the kind many apps use for PIN numbers. But the risk is that you could be tempted to use the same numeric PIN that you use to access your device – and that would be bad. We don’t want anyone who can get into your device to be able to get into your Passpack account as well.

For this reason, I decided to allow a text PIN. This way you have a much better PIN, since you can use anything, including international characters. For example, your PIN can be a string like arfk or xsTT, but you can also decide to use a crazy strong PIN like Aò高8 that would be impossible to guess in three attempts. This strongly increases the security as compared to, for example, an ATM PIN.

Note. The quick PIN system needs an HTML5 browser to work. If your browser is not compatible, you won’t see the option to activate the PIN.

Solved an issue with corrupted exchange keys
http://blog.passpack.com/2012/01/solved-an-issue-with-corrupted-exchange-keys/
Wed, 18 Jan 2012 19:04:23 +0000, by Francesco

From time to time, we receive a ticket from a user who is unable to invite another user, because the recipient cannot see or accept the invitation. I have tried to replicate this issue without success, so my workaround has been to manually delete the invitation from the database so that the two users can restart the process. Generally this worked.
The strange thing was that the problem always repeated within the same teams. As you know, Passpack has been built to be personal and private. So the best practice, in any case, is that one user accesses one account. If more than one user accesses the same account, this can create unpredictable problems.

A practical example

We have three users: Bob, Alice and John.
  • Bob accesses his personal account (good!). Alice and John, instead, access the same company account (bad!).
  • Alice invites Bob.
  • Before Bob has a chance to see the invitation, John checks for updates. The system finds a request for exchanging keys that is related to his current account (which Alice is also accessing, remember), processes the keys and deletes the original RSA-encrypted keys for security purposes.
  • When Bob checks for updates he finds the invite, but the system is not able to generate its own keys because the original keys have since been removed.
  • The result is that Alice has invited Bob, but Bob cannot see or accept the invitation because the exchange keys are bad.

How to fix the issue

When I discovered this practice I finally understood what was causing the key corruption. So I’ve added a more sophisticated control to avoid the problem. But, since it is impossible to propagate a change to previous versions, it was necessary that all the involved users reload their Passpack page to have the latest version of the application. If not, the invitations may seem correct but the user will not be able to see any shared entries because his keys are not compatible with the current keys of the sharer.
If you are experiencing a problem with invitations or with users that cannot see any shared entry, you should follow these steps:
  • Be sure that you have the latest Passpack version (logout and reload to be sure)
  • If you have tried to exchange secure messages with the user, delete all those messages and ask the other user to do the same
  • From the People tab delete the invited user
  • Ask the other user to press their check for update button to verify that there aren’t any invitations from you
  • Invite him again

If you have any issues please open a support ticket.

We are going to change the feedback forum
http://blog.passpack.com/2011/10/we-are-going-to-change-the-feedback-forum/
Mon, 24 Oct 2011 19:38:13 +0000, by Francesco

We’ve been using UserVoice for a while to manage user feedback.

UserVoice is a great service to collect suggestions and ideas. It worked very well and now we know what is important for our users. But there are a lot of minor suggestions that are also important which remain without an answer. And, in many cases, people ask for a feature that already exists. If there were a live conversation, some other user might be able to quickly answer: “Hey Joe, you can already do this.” Instead, there is no live conversation and every day someone adds a suggestion that risks getting lost. This is not good.

So, in the next weeks, we will try to limit the UserVoice forum to big suggestions and we will move the everyday feedback towards our Facebook page. Why Facebook? Because it is easy and social and solves the “conversation” problem. Of course, please don’t consider it a support page and especially don’t write any sensitive information. If you need customer support on your account, please open a support ticket instead and we will help you.

The Passpack Facebook page would like to be a place where you can start conversations with us and with other users about best practices, ideas, issues, etcetera.

What do you think?

 

Our provider has been hacked, but Passpack is safe. Zero data compromised.
http://blog.passpack.com/2011/10/our-provider-has-been-hacked-but-passpack-is-safe-zero-data-compromised/
Thu, 06 Oct 2011 21:02:25 +0000, by Francesco

First things first: your data is safe.

Passpack runs on dedicated servers at a provider in Germany. Yesterday, that hosting provider was likely hacked into. Due to our application architecture, and the fact that we’ve completely isolated the servers from any access by the provider, Passpack has not been compromised. All user data is secure.

This announcement is simply because we believe in transparency.

Why Passpack was not affected

Fortunately I don’t trust anybody, not even our hosting providers (Passpack is, after all, built on the “Host-proof” Hosting pattern). As soon as our dedicated servers were delivered to us with the OS installed, the first order of business was to make it so that our provider was completely unable to access our servers. Every default password was changed and (most importantly) the SSH setting only allows access via keys. Yes, that makes it more complex to handle possible hardware problems, but it’s worth the trouble. Today, when I read the communication below, I knew it was the right choice.

This is the communication that we received today, like hundreds of others:

Dear Client,

We were informed yesterday, Wednesday 5 October, about an improper access to our internal system.
As far as we can presently reconstruct, the attackers could have been able to access internal customer data on [our] administrative systems.
[...]
To our present knowledge we have no information regarding data abuse from customers.
Unfortunately, it is not possible for us to exclude this possibility completely and we would therefore ask that you change all passwords on your [Provider] system immediately as a precaution.
[...]
To ensure complete and transparent clarification, we shall shortly be reporting this incident to the regulatory authorities.
[...]

As always, we’ve taken the follow-up security measures available to us for good measure. We immediately updated the credentials used to log in to the online account manager. Nobody has accessed the account manager, or changed any settings.

My biggest concern was that with access to the provider’s account management system, though they couldn’t have accessed any user data, a hacker could have been able to reset a server: starting a new installation while deleting all the current data. Fortunately, they didn’t. And the access codes have all since been changed. As you can imagine, this would have caused an interruption in service until we had reconfigured everything and restored the data from our remote backups.

A secondary concern would be that they could have gotten physical access to the servers while putting them into maintenance mode. In that case, too, there’d have been a noticeable downtime. There wasn’t. Anyway, as you know, our data are useless without hacking the entire distributed system.

Since we had no problems or outages, I could have easily not informed anyone about this. But I believe that transparency is the most important thing for a service like Passpack. So now you know.

Have a good day, and let me know if you have any questions.

Planned Maintenance Next Saturday, Sept. 24
http://blog.passpack.com/2011/09/planned-maintenance-next-saturday/
Wed, 21 Sep 2011 21:45:15 +0000, by Francesco

We will be performing server maintenance next Saturday, September 24, from 8-9am GMT+1 (it was initially planned for 5-6pm PST). During that period, we will put the database in read-only mode. So, if you change something and need to save it, you will have to wait. When the operations are completed, you will be able to save your data without problems.

We will move the system to new powerful servers. If everything goes as it did in past migrations, most users will not notice the transfer and everything will seem normal. We hope that will be the case this time too. For good measure, if you haven’t yet, please install Passpack Desktop to be sure that you have an offline backup of your data. This is very important because on the Internet it is always possible that a website is unreachable, and you must have your passwords when you need them. Passpack Desktop solves this emergency case and using it is a best practice.

Fixed a Bug in the Billing System
http://blog.passpack.com/2011/08/fixed-a-bug-in-the-billing-system/
Wed, 24 Aug 2011 02:29:36 +0000, by Francesco

When we first introduced the premium plans, we built a system that (surprisingly) wasn’t supposed to manage plan upgrades before the expiration date. So if you upgraded from a Pro to a Team after two months, you needed to contact us to get pro-rated manually. On the other hand, there was a bug that applied the unused months from the Pro plan to your Team plan. In essence, you could pay for a Pro plan, quickly upgrade to a Team, and get the total of unused Pro months plus all 12 Team months as a Team account.

As of today, the bug is fixed. We have also expanded the system to allow for automatic pro-rating depending on how much time was available in your previous plan. And finally, for any user who didn’t contact us to be pro-rated and therefore accidentally paid the full price when upgrading, we have extended the renewal deadline to accommodate the double-paid months.

All should work well. But, if you see any errors in your account, please let me know.

Shared Tags Are On, Also in Bulk Edit Mode
http://blog.passpack.com/2011/07/shared-tags-are-on-also-in-bulk-edit-mode/
Wed, 27 Jul 2011 19:17:15 +0000, by Francesco

Today we’ve released two long awaited features: the ability to include tags along with the entry sharing and the ability to apply tags in bulk edit mode.

As a background: when we first introduced tags, we had considered them as a personal way to organize your data. Technically the Tags data was encrypted separately from the Entries data, in a different, simpler way and… couldn’t be shared the same as entries could be.

So once you all made it clear to us that you did indeed want to share your tags, we were faced with the problem of how to introduce that feature securely, without completely overhauling the way entries work (Passpack is stable, why risk critical bugs?).

Initially we were thinking of changing the logic of the Tags collection, but the risk of adding critical bugs was too high. So in the end, we opted to use a sort of plugin to the entry to contain extra data. This extra data is perfectly sharable and is integrated dynamically in the Tags collection, without changing any of its rules.

This approach solved the immediate problem of how to share tags, but it also will allow us to expand the entries in the future too. I am sure that you have a lot of ideas about what can be added to standard entries. So let us know!

Oops, I was forgetting that if you want to transfer an entry to another user preserving your tags, set the tags as shared and you are done.

Bulk Tag Editing

We also added the ability to apply tags in bulk edit mode. The options should be self explanatory. A couple of particular cases are:

  1. If you want to delete all the tags, leave the field empty and choose the merging option “No, substitute them instead” (the logic here is that you are substituting all existing tags with nothing – it’s the equivalent of deleting them).
  2. If you want to quickly convert the settings on a bunch of shared entries to include tag sharing all at once, without changing any of the actual tags, leave the field blank, leave the substitution checkbox unchecked, and select the “No, activate tag sharing on all of them instead” option.

For those of you who have been waiting for the shared tags feature, you should find #2 above very useful.
Don’t worry about mistakes: in bulk edit mode the autosave is disabled, so if something looks wrong you can safely undo the changes.

What else?

The version 7.7.7 of Passpack fixes some minor bugs and improves performance a bit. For example, the tags format has been optimized and now during encryption and decryption the process is faster.
Also, as you can see, the entry table has been enlarged and a smaller font size is used to allow for longer titles.
Finally, there are two new themes in Settings > Appearance & Themes. The Warm Grey theme is inspired by Google+ colors, and the Khaki Brown theme was requested by Allen – Allen, if you don’t like it, let me know :)
New Passpack Desktop Minor Version 2.2.2
http://blog.passpack.com/2011/07/new-passpack-desktop-minor-version-2-2-2/
Fri, 08 Jul 2011 02:02:12 +0000, by Francesco

Today we released a new minor version of Passpack Desktop that fixes a bug during synchronization with your online account. The new version also adds a post-sync alert about any entries deleted during the sync and allows you to recover them so that they can be resynchronized with your online version.
