The Expert Community for Bathroom Remodeling

Why I don't use password managers. Overview of Cross-Platform Password Managers Password Manager Extension

A password manager is a natural solution to the problems associated with the use of passwords for various services and applications. A good password manager integrates seamlessly with a web browser, making it easy to create new accounts in web applications, log in to web pages, and make purchases online. Which application to choose?

Over the years, the function of programs for collecting and storing passwords on a computer has changed markedly. Classic password managers have been replaced by tools that synchronize credential information across all user devices. These programs are constantly evolving, and new features can greatly improve your user experience.

Storing sensitive data in the cloud continues to raise a number of security concerns among users. Developers password managers they try to convince us that the databases are encrypted and decrypted only at the device level, and the password and encryption keys are never transmitted to the servers. Data encryption is carried out according to the AES-256 algorithm, which is considered the most secure today. As a result, no supplier, company, or US government agency has access to the data, nor will it in the future. At least in theory. On the other hand, if you yourself forget the master password, the saved data will be irretrievably lost.

In some programs, access to the password vault can be protected by additional authentication. During account registration, the user enters a standard username and password, and provides additional proof of identity. This so-called two-factor authentication.

Experts agree that good protection consists of two parts: what you know yourself, that is, the password, and what can be checked through applications on your smartphone.

Popular programs also support biometrics mechanisms in the area of ​​application access. Support for fingerprint readers in Android devices works well, and Touch ID and Face ID functions in Apple devices are often also supported.

Overwhelming majority password managers are commercial projects. Some, however, can be used for free, but the main limitation of such versions of the program is the support for only one user device. In other words, without a paid subscription, you won't be able to sync your passwords across other devices.

Despite this, if the number of services and online services that you use is in the tens, using a password manager is fully justified.

Which password manager to choose

1Password

1Password allows you to create an account and store data on servers located in Canada or within the European Union. The program stores login information, credit card numbers, and bank account information. It also integrates with popular iOS apps for easy access to apps and websites.

The application does not support the classic two-factor authentication mechanism, but implements this idea in a slightly different way. The program creates secure key (Secret Key), which plays an important role in encrypting data on the device. This key is used in conjunction with the master password to secure the user's database. On the technical side, this is a unique 128-bit identifier generated locally that never leaves the user's device.

1Password is equipped with another interesting feature - Travel Mode. Every time you cross country borders, all important data from the vault will be deleted, except for those that are explicitly marked as safe for travel .

1Password is the first manager to use a new standard that provides direct access to the system random number generator. This generator is used in encryption operations. In addition to increased security, the encryption process is 10 times faster.

Dashlane

Dashlane organizes website passwords, notes and data into separate tabs. Saved items can be categorized and the built-in search engine makes finding them easy.

The Secure Digital Wallet module built into the program collects information about debit and credit cards, bank login credentials, passwords for PayPal and other financial services. In the process of paying for a purchase Dashlane automatically fills in the fields required to complete the transaction.

Dashlane allows you to select one of two security levels. Additional identity verification may be required each time you sign in to the service. The more lazy will choose the second option, that is, two-factor authentication only at the time of adding an account on a new device.

Dashlane supports FIDO U2F YubiKey - a hardware key in the form of a USB key, which, at the time of identity verification, is simply inserted into the appropriate port of the computer. Unfortunately, this support is only available in the paid version of the app.

The unique feature of the program is Password Changer, which at the touch of a button allows you to change from one to a thousand passwords for popular applications and web pages. Password Changer automatically replaces old passwords with new, much stronger ones, and remembers them in the database. The feature works with thousands of pages, although the list of supported services is dominated by representatives from the United States. Among the popular ones also in Russia, we found Netfliks, Spotify, Evernote, Vimeo, Runkeeper, as well as Kayak.com travel planning service.

Additional function Instant Security Alerts will automatically notify you of the need to change your password on the specified service. Since we constantly hear about popular websites being hacked and millions of user account passwords being stolen, the Instant Security Alerts feature will help you maintain a high level of protection.

Dashlane has a built-in security test that analyzes your passwords step by step and tells you what needs to be changed in order to be able to feel secure.

KeePass

KeePass Password Safe for Windows is one of the last "old school" managers, password records are stored in a local database. This thesis confirms the ascetic interface. AT KeePass the user simply creates a database with his own structure and fills it with login data.

Because of this, the program great for storing passwords from computers, network services, email accounts, and FTP servers. The database will also store credit card numbers, a PIN code for the front door or short notes that must remain confidential. KeePass handles remembering credentials of websites and web applications differently. These features are implemented as plugins for popular browsers. Native integration doesn't always work as it should.

In one KeePass has a huge advantage over its competitors. The program is developed on the basis of an open source license, has a large circle of dedicated users, and everyone can verify that the encryption algorithm used was written correctly and does not contain security vulnerabilities.

AT KeePass The authors implemented two encryption algorithms for the database: AES/Rijndalel and ChaCha20, both with a 256-bit key length, as well as an AES-KDF and Argon2 key conversion function. Access to the database can be protected by a password, an encryption key, a Windows account, or each of these methods at the same time.

The most important competitor - Password Safe - seems like a poor relative in the background KeePass, but has one important function. The program natively supports YubiKey hardware tokens, although the FIDO U2F mentioned in the article is not supported.

LastPass

LastPass works with all major browsers: Chrome, Firefox, Opera, Internet Explorer, Edge and Maxthon. The program is installed as a plug-in and is displayed in the browser as an icon on the toolbar. Credentials are managed in the cloud through a dedicated web page. An app is also available for Android, Apple and Windows Phone mobile devices.

LastPass takes the issue of logging in with two-factor authentication seriously. The second authorization component here can be a code from an application on a mobile device, the LastPass Grid and LastPass Sesame program code, as well as a user fingerprint, a certificate on a cryptographic device, or a one-time password generated on YubiKey or RSA SecureID hardware tokens. Supported apps for 2FA include Google Authenticator, Duo Security, and Authy.

The program saves credentials entered on web pages, can intercept credentials, e-mails, and import data from other password managers.

LastPass good for family use. The six-person plan costs $4 per month and still allows you to take full advantage of the password sharing and disaster recovery feature.

AT LastPass you can give a trusted friend or family member access to the vault. You decide who can access your saved passwords and for how long. Similar opportunities are offered by all program competitors.

RoboForm

RoboForm provides its software in Free (free) and Everywhere versions (from $19.95 per year). There are a lot of differences between the free and paid versions.

The first offers the main features of the program for a single device: an encrypted database, a mechanism for remembering credentials for applications and websites, and a web form autofill module.

Means to sync data between devices, share passwords between family and friends, or backup to the cloud with access to passwords in the browser are available only in the paid version of Everywhere.

RoboForm has a handy system for organizing saved credentials along with a functional search engine that helps you find them when you need them. The program is supported using the browser, but when the module is launched Defense Center you'll have access to the classic Windows window from which you can manage your logins, bookmarks, app credentials, identities, and secret notes.

Compared to competitors, RoboForm offers dozens of menu options and settings. True, they are "well hidden" so you don't need to use them, however, if you want to customize the program to suit your needs, there is such an opportunity. RoboForm also available for Linux users and Chrome OS devices.

Password managers are becoming more and more popular. The ability to store all your passwords in one place is very attractive. With mobile devices, you can have all your passwords at hand at all times without compromising the security of your data. There are tons of password managers for PC, Mac and mobile devices. Here are the best password manager apps for Android.

aWallet Password Manager
(downloads: 1139)
aWallet is one of those password manager apps that have been around for a long time. The application stores passwords, bank transactions, information, credit card information, and user data if you need it. There is also built-in search, custom icons, and an auto-lock feature. There is even a built-in password generator so you don't have to worry about it. The password manager covers everything you need, including AES and Blowfish encryption. You can download the app for free or buy the PRO version.

Dashlane
(downloads: 341)
Dashlane is another app that has been available to users for a long time. Dashlane offers all the features you need, including support for passwords, credit cards, and other sensitive information. The app also supports password autofill on websites and apps. You can backup locally or using the cloud. Encryption in 256 bit AES works as expected. You can use most of the features for free, but if you want to use all the features, you'll need to subscribe to a paid subscription. This is one of the more solid password managers for Android.

Enpass Password Manager
(downloads: 210)
Enpass is quite a powerful password manager. It covers all the main features and there are also versions for Mac, PC and Linux. The app also does not require a subscription fee, which is a good sign. The application allows you to backup and restore your data, includes 256-bit AES encryption, cross-platform synchronization, you can also import data from other password managers, which will facilitate the transition. You will also be able to use autofill in Google Chrome if you are using that browser. The app is free to download, with a one-time payment of $9.99 to unlock all features.

Keepass2Android
(downloads: 251)
Keepass2Android is one of the most basic password manager apps on this list. Keepass has basic features with which you will be able to backup passwords and the like. However, the app doesn't offer more of the elephants features of most competitors. The main feature of the application is a completely free open source distribution. The application is based on the code of Keepassdroid (another free and open source password manager), both applications are compatible with each other.

Keeper
(downloads: 228)
Keeper is a password manager with a lot of features. The main feature of the application is 256-bit AES encryption and PBKDF2, which certainly help to feel safe. However, the application covers the main features, includes auto-fill in various applications and websites. Along with passwords, Keeper also includes video and photo vaults where you can store sensitive images or videos. The app also supports fingerprint lock, which is always helpful. You can also sync the app between devices and store your data in the cloud if you want. It's a pretty decent option, though you'll need a subscription to get all the features.

LastPass
(downloads: 189)
LastPass follows the same path when it comes to the password manager for Android. LastPass offers a metric ton of features, including password autofill in apps, websites, and individual forms. The application also helps to store photos and audio notes. There are several other, more unique and unusual features, including support for a fingerprint scanner, a password generator, a password audit that will let you know if the password is weak, the application also provides the ability to use the emergency help of a friend or family member. You can use the core app for free, but you'll need a paid subscription if you want to use all the features. You can also download LastPass Authenticator from Google Play to add a 2nd factor authentication for added security.

mSecure Password Manager
(downloads: 95)
mSecure is one of those password managers that has been around, seemingly forever. However, the app has seen several updates since its inception and the look and feel of the password manager remains relatively modern. In addition, the manager supports basic features, 256-bit AES encryption, a password generator, and the ability to back up your data to your SD card. The app also has a self-destruct feature in case someone gets the password wrong too many times. It's a solid all-in-one password manager, although the lack of a free version may turn some users off. We recommend looking at some of the reviews and giving the app a try.

Password Safe and Manager
(downloads: 148)
Password Safe and Manager is the sweet spot when it comes to choosing a password manager. This application doesn't need to be connected, and 256-bit encryption will make you feel relatively safe. The password manager uses a Material design that looks really great. You can place passwords, categorize them for easy viewing, and generate new passwords on the fly. In addition, the password manager offers automatic backup features. And the app offers significantly more features if you buy the PRO version for $3.99. It's not the most powerful, but a very good application.

RoboForm Password Manager
(downloads: 304)
RoboForm is a very old app, but it's still one of the best password managers for Android. It does what it's supposed to do and does it well, and it also offers bookmarks so you can find your most used passwords faster. The app also recognizes new passwords when you create them and log in, a neat solution. The password manager also supports multi-step logins, which is very convenient. The app works with Chrome and Firefox, even Dolphin Browser. This is a completely free app that works great.

SafeInCloud Password Manager
(downloads: 194)
SafeInCloud is a cloud-based password manager, a very capable one. It stores all your data in the cloud, with which you can sync any of your devices. The app includes Material Design, 256-bit AES encryption, supports fingerprint scanner, Android Wear, password generator and password strength calculator. You will be able to automatically fill in the fields in some browsers. You'll be able to get most of the features with the free version, while the PRO version will set you back a very reasonable $1.99.

If you are reading this magazine, you are probably aware of the basic rules of Internet safety and follow them. You come up with a separate password for each account and try to use the most complex combinations. I'm sure you've been working with some kind of password manager for a long time. But even this is not enough - after all, you most likely have a bunch of computers, browsers and mobile devices. And after each high-profile hack, you rush to change everything you can. How to make your life a little easier?

A modern password manager is no longer just a program for storing encrypted passwords. Such a program requires support for mobile platforms, browser plugins, methods for securely synchronizing user data, and much more. The most advanced programs can, for example, warn the user that something has been hacked somewhere and that they need to change their password. In general, the space for the imagination of developers is huge, and it is not surprising that some of the managers presented in the review are successfully sold for tens of dollars.

The password database is encrypted with symmetric AES-256 and the master password is hashed with SHA-256. As a synchronization, they usually use either a good old flash drive, or one of the cloud services, such as Dropbox. Some mobile clients, by the way, can work with storage in Dropbox automatically.

There are a bunch of plugins and additional tools for KeePass: utilities for importing/exporting passwords from the database, browser plugins that allow you to automatically fill out login forms, and additional backup and synchronization tools. All this is collected on a separate page.

Unfortunately, such a zoo of customers also has disadvantages. There are currently two versions (1 and 2) of the database that are incompatible with each other. However, there are clients that support only one of the versions. Despite the fact that the main application is free, there are also paid clients, for example, for iOS. As is often the case with similar projects, the interface of some clients leaves much to be desired.

  • Windows, Mac
  • Android, iOS

This client from AgileBits has already earned popularity among many users. The first thing you encounter when working with it is an incredibly thought out to the smallest detail and user-friendly interface. When adding a new web service, the program automatically downloads its icon and takes a screenshot of the main page.

The application also comes with the ability to install browser clients. They allow you to automatically add new passwords to the database (similar to the password remembering functions built into the browser), as well as auto-complete login forms.

The database starting this year is now encrypted with AES-256. There are two options available for synchronization: Dropbox and iCloud. Both the app and the plugins also have a handy secure password generator.

Since the developer came from the world of Apple, there are some nuances. For example, a high price: a desktop application costs about $50.

Under Linux, there is no client at all, and on Android, 1Password can only view passwords, and not edit them or add new ones.

Strip

  • Mac, Windows
  • Android, iOS

Strip is another interesting password manager from Zetetic. Simple and lightweight, it can do everything you need from a password manager, but no more. Supports Windows and OS X platforms. In the list of mobile platforms: Android and iOS.

The password database is stored in SQLite and encrypted with AES-256 using the SQLCipher addon. Synchronization between clients occurs either through cloud storage (your choice: Google Drive or Dropbox), or via Wi-Fi. Application clients are paid, but the price (unlike 1Password, for example) is quite mundane: mobile clients cost $5, desktop clients $10.

Of the obvious disadvantages, it can be noted that at the moment there is no possibility of integrating Strip with browsers for automatic password entry - a very useful functionality and protection against keyloggers. True, the authors report that work on add-ons is in full swing, so after a while we can expect a fully functional password manager.

Also on the developer forum, there were mentions of plans to launch a Linux application.

  • Mac, Windows
  • Android, iOS

Dashlane is a fairly young password manager with an active desire to be the best and most secure of its kind. And indeed, it has a very nice interface, support for various operating systems (unfortunately, Linux is also in flight here) and an adequate price.

Passwords in the database are stored encrypted with AES-256. It is possible to synchronize through your own dashlan cloud. One of the coolest features is the ability to use two-factor authentication through Google Authenticator, which allows you to increase data security. There are also all sorts of nice little things, such as a security dashboard that displays summary information on passwords, or rather strict requirements for a master password (different case, numbers, at least eight characters). There is also the possibility of web access to passwords.

The standard package also contains browser plug-ins that work in the usual way - allowing you to automatically fill in known forms and save the results of entered passwords.

The pricing policy of the company is also interesting. Firstly, all installed applications are free, and services for using the service are paid. Secondly, there is a free plan (without sync, backups and web access), and there is a premium one, which costs quite adequate $ 20 per year.

Of the minuses, one can note the lack of a full-fledged client for Linux and a slightly annoying logo in each input field, which the browser plugin adds.

  • Mac, Windows, Linux
  • Android, iOS, Windows Phone

LastPass is a fairly old password manager. It is noteworthy that he, in fact, does not have a client application. All password management functionality is implemented through a web application and through browser plugins. But, despite this, the service in terms of functionality is quite powerful. It is possible to exchange passwords with friends.

The password database is encrypted with AES-256 and synced between the plugin's storage and the LastPass server. There are also portable versions, both browser plug-ins and a standalone application for Windows.

It is also worth noting that there are native applications for any mobile platform (including webOS or Symbian). Moreover, for example, for Android there is both a separate application and a plug-in for the Dolphin browser.

In terms of cost, everything is simple, there is the possibility of free use, there are additional paid features. A premium account costs a dollar a month or $12 a year.

In general, there are controversial feelings from the service. On the one hand, it is quite widespread and it is possible to use it on all conceivable and inconceivable platforms. On the other hand, the service has been developed for a long time and today there is no sense of gloss inherent in younger password managers.

  • Mac, Windows, Linux
  • Android, iOS, Windows Phone

My1login is a startup similar to Lastpass but with a focus on password sharing. It is based on a web application, with the ability to edit passwords, and there is a JavaScript bookmarklet to save them from forms and automatically enter them. The main killer feature of the password manager is the group work with passwords: it is possible to create several accounts within the organization, it is possible to control the access of different people to certain passwords. Such a use case is suitable primarily for small groups that have a certain base of props within themselves. In this case, for example, after a scheduled change of the password for a certain service, there will be no need to send new data to each user. It's still a bit safer than storing the list somewhere on the wiki. It is also worth noting an interesting two-step authorization.

Unfortunately, this project does not have the extensive infrastructure inherent in "adult" password managers. There are no mobile applications, there is no way to work with the password database offline. Browser plugins are also more convenient than a bookmarklet: they can be updated themselves and implement a more convenient interface.

Therefore, let's hope that My1login will find its user and be able to fill in the gaps in the service.

  • Mac, Linux
  • open sources under GPLv3 will increase the credibility of the manager and help form a developer community;
  • implementation in python, which will make it possible to make a cross-platform application for desktop clients;
  • mobile applications will allow you to work with the password database without a computer at hand;
  • synchronization via P2P will avoid the cost of maintaining the "cloud" and reduce the likelihood of a mass leakage of details.

All this looks very promising, if not for one "but": while most of the functionality is only in the plans. At the moment, there is a good implementation that works and synchronizes under Linux and OS X. In the best traditions of crowdfunding, the author offers interested users to chip in money, allowing him to devote 100% of his working time to the project. As the ultimate goal, the bar is set at $60,000 (which, it should be noted, is quite a lot). The entire project is posted on github, so you can follow the progress of development. In fairness, it should be noted that the pace of development at the moment can hardly be called inspiring.

In any case, the declared functionality looks quite “delicious”, so it makes sense to take a closer look at this password manager.

Over the past year, 4.2 billion passwords have been stolen. This outrageous figure should worry anyone who deals with the Internet. The US Federal Trade Commission has analyzed what happens to the stolen credentials. After stolen logins to Facebook, Google, Netflix and online banking are posted on a hacker forum, on average it takes only nine minutes before the first attempt to enter your account. Since two out of three users use the same password for multiple services, a stolen key opens many doors at once.

The above number also demonstrates that now passwords can be stolen not only from individual users who fall for the bait of a phishing message. Hackers have set their sights on large services, which promises them gigantic profits. Large IT concerns such as Yahoo! and Uber.

Strong password generation

The US National Institute of Standards and Technology has made adjustments to the rules for creating secure codes. Several innovations:
Length: The strength depends on the length of the password. The longer it is, the better.
No logic A meaningless jumble of letters is more reliable than you might think. But the password shouldn't be a digital hash.
Uniqueness: Use the password only once.
Examination: With the Pwned Passwords online service, you can find out if your passwords are being used by someone else or have been made public.
Change if necessary: If user data is stolen from the servers of any service of which you are a client, change your password.

More recently, studies have averaged 20-30 password-protected accounts per user. Recent data suggests a much higher number. A password manager used for corporate purposes stores an average of 191 passwords for business customers. But even those with only ten accounts have little to no adherence to the basic rule of security: a password cannot be used more than once.

Protection for all passwords

This is precisely the problem that the ten password managers we tested help to solve, acting as a safe for secure passwords and working on Android, iOS and Windows. They store all passwords centrally in one place. These safe protection products use powerful AES encryption with a virtually unbreakable 256-bit key length. Such a database can only be unlocked with the correct master password. Thus, the user does not need to remember the password for each of his accounts, but only the master password that opens the safe with all other codes.


At the same time, the products we tested work according to two different principles: eight managers, including the top three LastPass, 1Password and Dashlane, are online services. The encrypted password database is stored in the service provider's computer centers.

For the user, this is the most convenient solution, since passwords are used not only on a desktop computer, but also on smartphones and tablets. In this case, to start synchronization, you just need to enter your login and master password. All codes will be at your fingertips anytime, anywhere. However, such services require you to trust the provider and make sure that the master password is really not available to him and there is no way to access the database in any other way.


The second principle of operation chosen by the developers of such a popular open source program as KeePass, as well as by Steganos for its password manager, is to store the password database locally.

We recommend starting with storage on your PC and only then pulling up mobile devices. Both local solutions have the advantage of keeping the user in full control of the vault. For this reason, we awarded KeePass the highest score in the Security category. This method is less convenient, since you yourself will have to think about how to get passwords from your smartphone. However, KeePass is the only program that can interact with various applications that read this database format.

For example, in testing, we chose KeePass2Android (Android) and MiniKeePass (iOS). All other password managers already come bundled with suitable applications.

Dual Master Password Protection

The security of the password manager is based on the master password (see box on the right). Therefore, it is not clear to us why half of the participants in our testing accept even such elementary codes as "1234abcd".

Only 1Password, Dashlane, and well-known antivirus vendors such as F-Secure, Kaspersky, and Avira require more complex master passwords. It is equally important to protect your safe by other means - in this respect, the tools from antivirus experts are frankly hacky.

Choosing a master password

Using suggestions. A funny line from a Netflix series or your grandmother's proverb makes a great base for your password. You can also refer to your hobby. The phrase "I love read Chip magazine" might be a good idea.

Use of uppercase and lowercase letters. Correct spelling -
rather a disadvantage for a password. ILovereadChipMagazine looks better from a security standpoint.

Embedding special characters. You can also add a couple of special characters: "ILove/readChipMagazine2018$".

Double Authentication. Be sure to enable two-factor authentication to further secure access to the password manager.

It is integrated into all good dispatchers, that is, in addition to the master password for accessing the storage, you must enter the second factor. In this case, you can be sure that even if the master password along with the database falls into the wrong hands, access to it will still be closed.

Regardless of this, the overall safety of dispatchers is at a high level. The leaders of our test, LastPass, Dashlane and Keeper Security, win with well-implemented password strength checks, calculate duplicates, and even offer a backup option. All products not only save credentials, but also create secure passwords - each of them has its own generator integrated.

However, in practice, their technologies differ: LastPass, KeePass and Avira Password Manager do the best job. Their generators are impossible to miss, and besides, they visually display the length of the password. The mobile solution from Kaspersky is not so convenient: there is no generator in mobile applications, so strong passwords can only be created in the desktop version.

Credentials for applications and web services


In terms of ease of management, web services lead, and it's not just about simplified synchronization. In particular, 1Password, LastPass, and Dashlane demonstrate how to build apps the right way and keep up with the latest technology. For example, all three providers were very quick to adapt their apps to the Face ID scanner on the iPhone X. On top of that, biometric unlocking is much more convenient than entering long master passwords.


All password managers offer auto-filling of credentials in the browser to login to the site. For Windows programs and applications on smartphones and tablets, this method does not work. Here it will be easiest to copy and paste the data into the appropriate fields. Android, unlike iOS, makes this easy. For Apple's system, application developers need to integrate specific features to work with password managers. At any rate, for our leaders - LastPass, 1Password and Dashlane - there is a long list of supported apps that do without the clipboard.

All solutions have a search feature to quickly discover data. However, only 1Password, KeePass and Steganos allow the integration of multiple databases, thanks to which the user can, for example, separate personal and work accounts. The "Favorites" function is also very useful for displaying frequently used passwords - the data marked in this way is always at the top of the list.

Login to Windows without a password

Password managers store all credentials. The situation with logging into Windows is more complicated because you don't have access to the safe yet. Microsoft has integrated the Windows Hello function into the top ten, thanks to which user authentication can be carried out by scanning a fingerprint, face recognition or iris recognition. Devices such as , already have the technical means, since a conventional webcam is not enough.

Better than browser storage

All participants in our test integrate into Chrome and Firefox browsers, but only four test participants can cope with Microsoft Edge: LastPass, 1Password, Keeper Security and True Key. Speaking of browsers, their built-in managers are just a repository that lacks important additional features, such as a password generator. We advise you to turn to special tools in order not to lose peace and sleep because of the horrifying news about millions of stolen credentials.

1

@sam901 , well, Artyom writes about this. If you don’t want the program to “change the rules” along with the owner, keep your passwords to yourself. Otherwise, where is the guarantee that one day they will not be sold along with the program? :)

Although, I repeat, I am not legally strong, but in my opinion this is a deception of users who paid money for the program and in the West it would be possible to sue them. If you want to sell a business, sell it, and user data and access to it should remain with the owners. At least it should be possible to unload them.

And since “this happens everywhere”, please give at least a couple of examples. :)

@Soloqub, at least skype. There was a p2p service. MS was bought out and replaced with a traditional centralized client-server architecture. And both options have their pros and cons. For some, the advantages of p2p were very important and there were two choices - to agree to a change in the rules or to change the service. No one is going to support the old protocol.

Well, there are a lot of examples when services are bought out, closed and that's it. No more user data, go wherever you want. Picasa, for example. And it's good if some kind of migration plan is provided.

I have a rather counter question, but what's wrong? Business is not required to do anything beyond what the laws require. And then there is the EULA, where everything is perfectly spelled out, who owes what and to whom. And the fact that the old version will stop working. And the fact that in the new version you need to sign a new EULA, with which you give consent to send your data to the server, etc. etc. Do not agree - do not sign and delete the application.

The choice of service is always a compromise. Therefore, the article looks rather strange, because. one-sided and paranoid. There is a choice - there are completely offline services like keepass. There are cloud ones with different rules of operation. the lastpass I use is cloud-based, but it stores an offline version on the PC. Even in the absence of the Internet, access to passwords remains, there are no open passwords on the servers, the master password is also not stored at home, etc. Instead of paranoia and limited consideration of the issue, it would be better to sort out the choice in the market, and not row everyone in one pile.

@sam901 you don't seem to understand the situation very well. Vkarmane and was a completely offline program that stored data on users' devices. After the ransom, Tinkov “offered” to transfer all the data to him on the servers (now they will only be available online), or forget about them.

There is no way to just pick up your own. In fact, Tinkov did not buy a business (he is doubtful), but user data. And here there are big doubts about the legality of such a purchase.

There can be no comparison with Skype here. I think 99% of Skype users didn't even notice the migration to a centralized architecture. And those who noticed, lost the opportunity to use the service, but did not lose anything belonging to them, unlike Vkarmane users.

@Soloqub, that's why the EULA is worth reading. Because there probably is a line for consent to the processing of all data and a bunch of other things. But no one reads, but everyone wants to run to court.

As for understanding, I was talking about changing the rules of the game and this is normal and happens everywhere. I don't need to go into the details of a particular situation, which is similar for the most part.

As for the Skype migration, you clearly do not understand the essence of such a migration. p2p architecture means that the owner of the service cannot record / listen to conversations. Traffic goes directly from device to device. The change in architecture means full control of the MS over voice traffic, full access to it by special services, advertising bots, etc. etc. This is significant and no less serious than suddenly uploading your documents to the cloud.

Well, don't twist the facts. No one in your example has lost anything. Available online - available. All.

@sam901 , Of course, you need to read the EULA, this is also not the ultimate truth. Otherwise, taking advantage of the fact that no one reads them, it would be possible to enter anything there that by downloading the application you transfer ownership of an apartment to them, etc. Therefore, the question is not only in the EULA, but in principle in the legality of such an action.

And stop comparing soft to salty. Skype has never positioned its communication channels as secure. Nobody used it as such.
The transition to a centralized architecture is nothing more than Microsoft's internal kitchen. Users do not think about such things, just as they do not think about what routes packets go from them to the iphones site and back. They do not care.

As for Picasa, this service simply stopped working, moreover, Google warned about it well in advance. Users did not lose the photos that were stored locally and were added to the program, they did not discover that these photos would be uploaded to the servers of an unknown bank and would be available only after accepting the terms of this bank. These cases cannot be compared at all.

And you twist the facts. Access to documents is available only to those who fully accept Tinkov's conditions and give him the necessary data, such as a phone number.

To share with friends:
Similar posts