Why are people storing passwords externally these days. The password app I wrote for myself (and which Apple decided was "We found that your app only provides a very limited set of features. While we value simplicity, we consider simplicity to be uncomplicated - not limited in features and functionality." and denied) has been more than adequate for my needs and doesn't store passwords anywhere. I should really get around to adding useless functionality to it so that Apple can approve it. Seriously though, it was made simple to be used quickly and to be as powerful to the user as possible.
Again, why are people storing passwords with other people... /sigh
The issue is that they store your details. They could quite easily make an offline version where you never transmit data to them. This would prevent any data leaks.
If you store something that people want to keep secret, expect others to want to steal it. The more secrets you store, the greater the desire to steal.
FYI: For SSH logins you should be using keys not passwords, and I would say something about FTP, but I know too well that clients stupidly ask for FTP access. because they have no clue about security.
Sure, no password have (allegedly) been taken, but that is this time. It just take one real data breach for your passwords to be taken. What if these allow access to very confidential information? What will you explain to your clients then? "I kept my passwords externally for convenience"? I doubt they would appreciate convenience coming before their confidential information. If it is confidential information, as a client, I'd rather it be stored locally rather than externally. I mean, sure, if the information isn't that important, like maybe some forum account, use it. But for serious data, I just feels like you are going to a guy with a target on his head and saying "Hey, can you hold on to this for me."
Seriously, this is is something I will truly never understand. I mean, if you are scared of losing your data locally, just set up a cron job (or whatever the windows equivalent is) to back up the data to an external hard drive. Storing them with somebody else is just a security risk I wouldn't take.
I think it was just the major password was stored externally.. The only reason why I can think that they would do this is convenience for the end user. Not everyone is a savvy as a lot of us Tech people, they need help to do things, so when someone tells them.. "Hey we'll store your password safely with only you having access via one password that we will totally encrypt and it will be the safest thing ever LOLZ" ... people believe them because they can't be bothered remembering passwords.
Windows would have Scheduled Tasks which is an awful implementation. Crontab forever, but maybe not for backing up passwords. I'm annoyed enough when I think the sudo prompt has come up and I type the root password into my command history.
" because they can't be bothered remembering passwords"
Isn't part of the issue we have to use passwords we are now no longer ABLE to remember (this LastPass etc). They have to be long, they can't be words, they have to be a mix of characters and you need a different one for every web site you go to.
I don't see myself remember z00Yfy59gCpJZN7s and cqCTWQWJd3qDv any time soon. Even using the idea ThatYouCanMakeASentanceAndKeepEveryFirstLetter sort of thing doesn't work when the number of passwords an average person needs to have is in the hundreds.
I did have a fairly lengthy description of what my App did, but now I think I should really flesh it out more and release it as there is a need.
I can confirm that my app doesn't connect externally (doesn't even make a call home attempt) so you'll never have to send me anything, yet all passwords are 16 characters and unique and as long as you remember your master password, safe from those that don't know that password.
Sorry not pushing my app... trying to get myself hyped to finish it. Blah... we do need passwords, we just need to educate users to not put trust in external services that "store" your passwords.
Why are people storing passwords externally these days. The password app I wrote for myself (and which Apple decided was "We found that your app only provides a very limited set of features. While we value simplicity, we consider simplicity to be uncomplicated - not limited in features and functionality." and denied) has been more than adequate for my needs and doesn't store passwords anywhere. I should really get around to adding useless functionality to it so that Apple can approve it. Seriously though, it was made simple to be used quickly and to be as powerful to the user as possible.
Again, why are people storing passwords with other people... /sigh
[This comment was removed]
Seriously, this is is something I will truly never understand. I mean, if you are scared of losing your data locally, just set up a cron job (or whatever the windows equivalent is) to back up the data to an external hard drive. Storing them with somebody else is just a security risk I wouldn't take.
I think it was just the major password was stored externally.. The only reason why I can think that they would do this is convenience for the end user. Not everyone is a savvy as a lot of us Tech people, they need help to do things, so when someone tells them.. "Hey we'll store your password safely with only you having access via one password that we will totally encrypt and it will be the safest thing ever LOLZ" ... people believe them because they can't be bothered remembering passwords.
Windows would have Scheduled Tasks which is an awful implementation. Crontab forever, but maybe not for backing up passwords. I'm annoyed enough when I think the sudo prompt has come up and I type the root password into my command history.
" because they can't be bothered remembering passwords"
Isn't part of the issue we have to use passwords we are now no longer ABLE to remember (this LastPass etc). They have to be long, they can't be words, they have to be a mix of characters and you need a different one for every web site you go to.
I don't see myself remember z00Yfy59gCpJZN7s and cqCTWQWJd3qDv any time soon. Even using the idea ThatYouCanMakeASentanceAndKeepEveryFirstLetter sort of thing doesn't work when the number of passwords an average person needs to have is in the hundreds.
We really need something other than passwords
I did have a fairly lengthy description of what my App did, but now I think I should really flesh it out more and release it as there is a need.
I can confirm that my app doesn't connect externally (doesn't even make a call home attempt) so you'll never have to send me anything, yet all passwords are 16 characters and unique and as long as you remember your master password, safe from those that don't know that password.
Sorry not pushing my app... trying to get myself hyped to finish it. Blah... we do need passwords, we just need to educate users to not put trust in external services that "store" your passwords.
I think there is a need, for options at least. We seem to be stuck with passwords, lots of them, and a lot of people eager to get their hands on them.
I'd definitely urge you to flesh your App out and give it a go on the market :)