When pwSafe is re-launched, it asks the server for the keys it has saved, and the server only includes non-expired keys back in its reply. That random key is then sent to our servers, along with its expiration date.
#Pwsafe cloud cost password#
Here's how it works:įirst, when pwSafe is closed with an open safe, it will encrypt the safe password with a freshly generated random key, and store the encrypted password on the device's Keychain. The solutionĬloud Memory is a cloud service which fixes both issues. If we could set an expiration date on a Ke圜hain password, which we currently can't, setting a very long time (in the order of days instead of minutes) on your safe would still be very insecure, because, during that period, any attacker would easily get hold of your safe's content. We could also save the encryption key and encrypted password on the device's Ke圜hain, but that would only make it harder, not impossible, for someone which got hold of your device to be able to crack your safe open even after the time you've chosen has elapsed. Of course we could encrypt your password, but pwSafe would then need to have access to the encryption key when restarting. To be able to recover it upon re-launching, pwSafe would need to save it on the device's permanent storage. When this happens to pwSafe, your safe's password is also removed from memory.
The reason behind this is that, when iOS needs more memory for a foreground app, it removes backgrounded apps from memory. By design, we choose security over usability, and force your to re-enter your password when re-launching the app. Even if you select a long time to keep your safe open, pwSafe isn't able to respect it.
0 kommentar(er)
