Roboform And Safepay

Hi,


I have used safepay and find it very handy BUT with all the different site logins etc, where you might use Safepay, I find it frustrating to try and remember logins etc, why I use RoboForm. In fact sometimes you get the strong urge to go back to the sites own supposed secure site, so that you can use RoboForm to save time, thus missing out the safety of Safepay. Has there been any thought of incorporating programs like RoboForm with safepay, thus keeping the handiness of RoboForm with logins and the security of safepay??


Jeff

Comments

  • camarie
    camarie Principal Software Developer BD Staff
    Hi,


    I have used safepay and find it very handy BUT with all the different site logins etc, where you might use Safepay, I find it frustrating to try and remember logins etc, why I use RoboForm. In fact sometimes you get the strong urge to go back to the sites own supposed secure site, so that you can use RoboForm to save time, thus missing out the safety of Safepay. Has there been any thought of incorporating programs like RoboForm with safepay, thus keeping the handiness of RoboForm with logins and the security of safepay??


    Jeff


    RoboForm works for a number of browsers, using browser extensions, which Safepay does not load for security reasons.


    I will ask the product manager about this - maybe in a some form of "user defined extensions" that the user can pick up for use with Safepay, but I will tell you from the start that this will break the very foundation Safepay was built - create a secure, isolated session for the user to work with. While I completely understand the fact that productivity extensions are invaluable for a day-to-day browser, when it comes to security we are trying to cut off from the rest of the world. Also, Safepay is not intended for day to day browser usage - that is why it is asking for an URL to be opened, or opens it automatically *only* is marked as clean *and* a bank and not for everything else.


    Bottom line - what you see as a convenience loss from the regular browsing usage, it is a "by design" feature imposed by Safepay (in fact, there will be easy to let every Chrome-based extensions to load - I had to implement custom code for *not* loading extensions).


    The good news is that we are starting - and I mean today - to implement a new major feature, which will include password management and contact information (aka wallet).


    Obviously this won't be done in a heartbeat since is a hard implementation to do it right - but we are doing it.


    Safepay will integrate this feature inside.


    Regards,


    Cristian

  • RoboForm works for a number of browsers, using browser extensions, which Safepay does not load for security reasons.


    I will ask the product manager about this - maybe in a some form of "user defined extensions" that the user can pick up for use with Safepay, but I will tell you from the start that this will break the very foundation Safepay was built - create a secure, isolated session for the user to work with. While I completely understand the fact that productivity extensions are invaluable for a day-to-day browser, when it comes to security we are trying to cut off from the rest of the world. Also, Safepay is not intended for day to day browser usage - that is why it is asking for an URL to be opened, or opens it automatically *only* is marked as clean *and* a bank and not for everything else.


    Bottom line - what you see as a convenience loss from the regular browsing usage, it is a "by design" feature imposed by Safepay (in fact, there will be easy to let every Chrome-based extensions to load - I had to implement custom code for *not* loading extensions).


    The good news is that we are starting - and I mean today - to implement a new major feature, which will include password management and contact information (aka wallet).


    Obviously this won't be done in a heartbeat since is a hard implementation to do it right - but we are doing it.


    Safepay will integrate this feature inside.


    Regards,


    Cristian


    All noted and sounds good about the "wallet", sounds like the fix.


    Jeff

  • RoboForm works for a number of browsers, using browser extensions, which Safepay does not load for security reasons.


    I will ask the product manager about this - maybe in a some form of "user defined extensions" that the user can pick up for use with Safepay, but I will tell you from the start that this will break the very foundation Safepay was built - create a secure, isolated session for the user to work with. While I completely understand the fact that productivity extensions are invaluable for a day-to-day browser, when it comes to security we are trying to cut off from the rest of the world. Also, Safepay is not intended for day to day browser usage - that is why it is asking for an URL to be opened, or opens it automatically *only* is marked as clean *and* a bank and not for everything else.


    Bottom line - what you see as a convenience loss from the regular browsing usage, it is a "by design" feature imposed by Safepay (in fact, there will be easy to let every Chrome-based extensions to load - I had to implement custom code for *not* loading extensions).


    The good news is that we are starting - and I mean today - to implement a new major feature, which will include password management and contact information (aka wallet).


    Obviously this won't be done in a heartbeat since is a hard implementation to do it right - but we are doing it.


    Safepay will integrate this feature inside.


    Regards,


    Cristian


    Password management should be a resource for use in a normal website. I think Safepay should not, in any way, introduce actions that compromise user security when accessing your bank or shop online.


    Any improvement in the security system is always welcome, but resources that might compromise the security must be avoided.


    A hug.

  • camarie
    camarie Principal Software Developer BD Staff
    Password management should be a resource for use in a normal website. I think Safepay should not, in any way, introduce actions that compromise user security when accessing your bank or shop online.


    Any improvement in the security system is always welcome, but resources that might compromise the security must be avoided.


    A hug.


    That's why we started to implement password management (websites, email, online banking, cards, applications, personal informations) and wallet functionality 3 weeks ago. We will offer our own solution (for Safepay) and an alternative (for other programs) without relying on external programs.


    Regards,


    Cristian

  • Joao40
    edited December 2012
    That's why we started to implement password management (websites, email, online banking, cards, applications, personal informations) and wallet functionality 3 weeks ago. We will offer our own solution (for Safepay) and an alternative (for other programs) without relying on external programs.


    Regards,


    Cristian


    Another excellent idea, Cristian, increasing confidence in the resources offered by Bitdefende.


    Thank you for your clarification.

  • I can understand the concept of excluding 3rd party tools, BHOs etc.


    Any solution that excludes Roboform- which is much more secure way to retain and log in than manually typing- is an absolute no no for me.


    I use many financial (and other) sites regularly, and absolutely rey on it.


    Maintaining passwords, logins, URLs in two separate databases is one headache I definitely don't need.


    If you implement a custom solution, it will need to easily import passcards from Roborm. And to date, that's meant using the previous version of Roboform to export them, as v7 doesn't support that.


    So I'm guessing this is one feature I'll be forced to ignore.


    Roboform is the ONLY password manager I've found that makes coping with 2 stage logins where selected characters (e.g. 3, 5, 7, variable) are required from a password by a variety of means (site dependent) possible, and that's amost universal in the UK.


    What astonishes me is that bank IT depts are unaware of such tools and dissuade customers from using them.

  • Joao - just to emphasise the point.. if you introduce a tool, it must handle both autofill cases (whole string) and the case where selected characters are required (manual fill). And remember- using Roboform I don't have to type the URL: so two clicks gets me to the bank first page, fills the fields, and automatically on to the second log-in page, where I can select a Roboform note to display the string displayed with 1 2 3 4 5... underneath it fr which I select (say) characters 5,7,11.

  • camarie
    camarie Principal Software Developer BD Staff
    Joao - just to emphasise the point.. if you introduce a tool, it must handle both autofill cases (whole string) and the case where selected characters are required (manual fill). And remember- using Roboform I don't have to type the URL: so two clicks gets me to the bank first page, fills the fields, and automatically on to the second log-in page, where I can select a Roboform note to display the string displayed with 1 2 3 4 5... underneath it fr which I select (say) characters 5,7,11.


    Getting back with news regarding interaction with password management tools.


    The 2014 product line will have a new feature called Wallet - a simple version of password collectors from other browsers (namely IE, Firefox, and Chrome) as well as Skype and Yahoo messenger (for now).


    Interaction with other programs gets a larger approach in the Safepay standalone (which will see beta around May 31st). Basically, there is no need anymore to incorporate/communicate with other password manager tools because there will be the possibility to switch back and forth between the regular default desktop and the Safepay desktop. This way the user can launch Safepay, switch to default desktop to grab a password, switch back to Safepay and just use it. Think as a kind of Alt-Tab between desktops.


    Not sure if and/or when this will be incorporated in 2013 version of the product, though.


    Regards,


    Cristian

  • Getting back with news regarding interaction with password management tools.


    The 2014 product line will have a new feature called Wallet - a simple version of password collectors from other browsers (namely IE, Firefox, and Chrome) as well as Skype and Yahoo messenger (for now).


    Interaction with other programs gets a larger approach in the Safepay standalone (which will see beta around May 31st). Basically, there is no need anymore to incorporate/communicate with other password manager tools because there will be the possibility to switch back and forth between the regular default desktop and the Safepay desktop. This way the user can launch Safepay, switch to default desktop to grab a password, switch back to Safepay and just use it. Think as a kind of Alt-Tab between desktops.


    Not sure if and/or when this will be incorporated in 2013 version of the product, though.


    Regards,


    Cristian


    That sounds like good news, Please keep us informed. When will 2014 products launch, I am coming up to an anniversary so may purchase the new version.


    Jeff

  • camarie
    camarie Principal Software Developer BD Staff
    That sounds like good news, Please keep us informed. When will 2014 products launch, I am coming up to an anniversary so may purchase the new version.


    Jeff


    Will do. There will be an announcement regarding the GM release in the next weeks.


    You can evaluate the features downloading it as soon as it will be available and get back to us with feedback at any time.


    Regards,


    Cristian