Password Manager – more secure with Host-Proof Hosting
Thousands of teams and individuals trust us to securely store countless passwords. We are thrilled and take your security very seriously, maintaining high levels of security for our servers and databases. Today we introduce a better and more secure way to store them.
We are launching Host-Proof Hosting support in our free online Password Manager application. What that means is that we do not store your actual passwords on our server! We simply have an encrypted version that cannot be decrypted without your master password which only you know. It is not stored absolutely anywhere. This means no one, and we mean nobody except you can ever access your passwords.
This feature is optional, we encourage you to start using it. We made it very simple to switch all your passwords in one step. You will see this new option:
It will prompt for the Master Password and will encrypt all your passwords in a browser and will send it to Freedcamp for storage. Sharing passwords works as before and you only need to share the master password with your team. With great security comes great responsibility – keep your master password recorded in safe place and share it with your team in a secure way!
If you want to try it out first – edit one of your existing passwords or add a new one and select ‘Use Master Password’ checkbox as shown below (1).
Freedcamp will prompt you to create the master password (2). XKCD nailed down that secure password does not need to be like ‘jn[%RSYm@+R?35z’ but can be simple and easy to remember while staying very hard to brute force. We use this approach and suggest this technique not only to create a secure master password in Freedcamp but anywhere where service or vendor do allow spaces and does not restrict password length too much.
We added a new column with hints so it is easy to see which passwords are secured with the master password and not.
Finally once you started using the master password our context menu will have two additional options.
1 – you can change your master password by providing old one (remember – lost master password makes your passwords essentially lost)
2 – you can convert all your passwords secured with Host-Proof Security back to standard encryption (no pressure – choice, as always, is yours).
If you are interested in technical details – please check this page and diagram below.
We also updated our documentation for Password Manager application. If you have any questions – please email us and ask us about details.