11/26/2023 0 Comments Roboform security issuesOr you'll have the option of doing it so that you need to supply both a fingerprint and a master password. So if you swipe your finger, it'll give you access. And you'll be able to do it as either a single factor where the fingerprint will actually work in conjunction with the existing master password. Then you have the two factor authentication, which would make it a little harder for people to crack.ĭoes RoboForm offer fingerprint reading as an option or alternative to a master password?Ĭarey: We do have some fingerprint support now and we're working on improving it. Now I think if you use them in conjunction with then you have a win-win situation. So I don't think fingerprint readers are necessarily secure. When you scan your fingerprint, your fingerprint returns a value of true or false, and a hacker can go in there and fake out the true or false response. But a hacker can just go in there and bypass the biometrics. There are a lot of fingerprint that will recognize your fingerprint. I don't think they're totally secure yet. I think things like retina scans and biometric authentication and things along those lines are still science fiction at this point. Do you think the industry needs to look beyond passwords, or are these biometric methods more like science fiction at this point?Ĭarey: I think that's a good way to put it. Is the whole concept of using passwords something that needs to be rethought? There's always been talk of other types of authentication methods, such as biometric security, fingerprints, etc. But we believe we've put in strong security measures in order to prevent this type of thing from happening. There's always going to be someone out there trying to hack you. But whenever you're dealing with stuff on a server, there's always an inherent risk of security. All the data between the computer and the server is encrypted. We've also secured our servers at a Tier-1 hosting facility. There's that extra layer of protection in there just by default. And that's going to be slower than if you have to brute force attack without that layer of software that we have. And so it's going to be infinitely slower to try to brute force attack somebody because you have to write your script to use every combination of words that you want, it has to go through the software, and the software is going to have to return a value as to whether or not that worked. Now with ours, one of the things that makes RoboForm less subject to brute force attacks is that you'd have to script your brute force attack to actually go through the RoboForm software itself. I think inherently if you have a strong master password, it's going to be difficult for someone to get that password and have access to that data, whether you're using RoboForm or LastPass. But if someone had a weaker, more easily decipherable master password, then there was some concern.Ĭarey: And I think they're right about that. I think they seemed to feel that if someone had a strong non-dictionary master password, then they were pretty much in the clear. It'll be more secure in the sense that the likelihood of a hacker hacking into an individual computer is going to be less than 10,000 users with all their passwords in the cloud. It's going to be more secure on your computer naturally than it would be in the cloud. But primarily, we have always focused on the computer as being the hub for your information. We have an optional RoboForm Everywhere service, which allows you to sync to the cloud. It's encrypted on your computer and it's always available from your computer. Assuming there was some kind of loss of data or breach at LastPass, can you describe RoboForm's security methods? What do you say to RoboForm users who may now be concerned about storing their data and passwords using a similar method?Ĭarey: First and foremost, the biggest difference between us and LastPass is that RoboForm by default stores your information on your computer. Yeah, and that is more the point I wanted to get to.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |