Mondays are usually productivity days at SimpleProductivity blog. Today I take a short break to review a new website.
One of the things I hate is not having my passwords stored securely. I use different passwords for sites (which is good), but which spawns dozens of passwords. My memory isn’t that great (which is bad).
Yet storing the passwords in the browser is really insecure. A person with minimal hacking skills and a desire to get in will crack that wide open in a few minutes.
A few weeks ago a software manufacturer contacted me with a request to look at their software: a completely encrypted site with super encryption and no way for them to access the data.
Yes, you read that right. The software could not see what is in your files.
The roster of people involved in the creation of this site is impressive: 4 PhDs, a digital forensic expert, and former hackers. These guys know what they are doing.
So I agreed to take a look at this website.
I cannot comment on the actual implementation of the security. I didn’t test it more than the obvious stuff (I am only capable of “hacking” what people leave out in the open on the web). But I did give it some information and play around with it.
The interface is very straightforward: you either have what are termed “password filed” but are really just text files; and a section to upload documents, which are then classified under various headings. Here are pictures of the two screens:
- Secure. From what they are saying is involved, this is top grade security. Can I verify it? No. But if their claims are true, it is top-of-the-line security.
- Multiple files. I liked the ability to split the text files into various chunks. This would aid greatly in organizing information – you could keep work information in one file, and personal in another.
- Ability to upload documents using passkey phrases. When you upload scanned documents, it uses a different type of security – it uses a paired string. This sort of encryption is pretty strong, and is unbreakable without the keys.
- Phone verification. For the pro version, you can get phone verification. I believe this works like the phone verification for Google accounts, which calls you when someone is trying to access account settings.
- Session history. You can see exactly where and when the account was accessed. This would give you a heads up if someone accessed the account.
- No cracking – password known only to user. They do not store the password. Only you have it. All the data is encrypted and stored encrypted. There is no way for them to get at your data.
- Search doesn’t search more than the current file. You can search a file, but only the current one. This could be a disadvantage if you didn’t remember where you stored something.
- Browser asked me to save password. This is a problem. If the password is stored in the browser, it is crackable. With that single password, the whole site is open. And this can be done by someone with limited hacking skills…and would defeat the whole purpose of having a one password access. I pointed this out to the manufacturer as a warning, but I haven’t seen anything show up yet.
- No safety net. If you don’t have your password, you are out of luck. They can’t get it for you, and there is no reset.
- Price. The pro version gives you tons of space (2 GB), extra encryption and backups. However, $49 a month seems a bit much for the average person.
I like the idea of this software. If I really needed secure online storage, I would definitely consider this website.
$49/month $29/month (special promotion)
I was not provided with any compensation or special access to allow me to write this review. I used the 15 day basic trial to gather my information.