Missing App: A Browser that Does Passwords Right

During the day, as I work on my job-related as well as extracurricular activities, I visit a lot of websites. Many of those websites require passwords. Working on my laptop, logging into those sites is a breeze – I use LastPass to store all of my passwords, and the program works flawlessly to fill in the correct password, or in some cases automatically log me into the site. Even better, LastPass keeps all of my passwords synchronized online, so I can safely access them no matter which computer I happen to use. I know a lot of you use 1Password or KeePass with similar results – they are all great programs that have transformed the way we manage our passwords.

So why can’t I have the same password experience on a mobile device – in my case, an iPad? Sure, LastPass, 1Password and KeePass all have iPad and iPhone apps, so I do have access to all of my passwords on the iPad. But it’s a clumsy process; when I browse to a website that requires a password, I have to go to the LastPass app, log in, search for that website, copy the password, then go back to my browser and paste it into the blank. If I don’t remember my username, I have to do the same process all over again. Why can’t iPad browsers have this key functionality built into the device?

I know what you’re thinking – Safari offers to save a password when you enter it, right? You’re right – and the next time you visit that site, Safari will fill the password in for you. The problem is, that password then lives only in Safari. The benefit of a good password manager is the ability to sync it among devices; siloing the passwords in a browser is ultimately not that helpful.

You might also ask, doesn’t LastPass have its own browser? Yes, it does – the LastPass Tab Browser (http://bit.ly/bLbiCo) connects directly to your LastPass account, and will fill in the username/password when you visit a login page. But it’s a pretty simple browser – you can’t save bookmarks, and it doesn’t have the bells and whistles of the Atomic Browser (http://bit.ly/Aijo4g) or even Safari. Further, it can’t handle sites where you might have multiple accounts – for example, I have three Twitter accounts, but LastPass will only fill in the password for the first account in your list. So although it gets me halfway there, it’s not a good solution.

So that’s my wish – for a browser app that gets password integration right, so my web browsing can be seamless and uninterrupted. If one of you – LastPass, 1Password, or KeePass, any of you – creates a browser that works well, or provides a plugin for Safari, Atomic, Dolphin, or other popular browser, you will have an instant, forever customer. That wouldn’t be too hard to do – would it?

6 comments
ComputerPhil
ComputerPhil

Also been using @roboform  for years and love the addition of RoboForm Everywhere to my smart phone and tablet. Great product and well supported, very user-friendly.

JFBrashear
JFBrashear like.author.displayName 1 Like

Like @seninachung, I use @roboform to store and automatically fill-in all my passwords. It will also store and automatically fill in your two factor authentication questions (e.g., what was the name of your first pet), and fill in web forms with information like your name, address, credit cards, etc.

 

I used LastPass on my Mac, but now I use Roboform Everywhere - literally everywhere - to automatically keep my passwords synchronized on my Windows and Mac laptops, etc.  You can easily view the login information for all of your web accounts by logging into RoboForm Everywhere from your mobile browser. It's offered on a SaaS subscription model.

 

Like @TomMighell, I wish for a password log-in applet that worked directly from mobile browsers like RoboForm does in native IE, Chrome, Safari, Firefox and Opera. RF does have iPhone and iPad versions with built-in browsers. The RF website says somewhat mysteriously "There is currently no direct integration with Safari itself, due to limitations we must abide by."  The situation is similar for the RF Android version. The RF Blackberry app is really clunky - just a viewer, and it lacks the seamless sync functionality of the other versions.

 

I also dream about a password management application that would periodically and automatically change my strong passwords, then sync them across my devices. I'd want it to confirm before doing so, but not merely be a reminder service. That automatic change function would, however, require the application be able to determine the password "rules" for each website, and there's little consistency in what passwords websites demand or will accept.

 

So, maybe my first wish should be that website providers standardize their PW rules.

econwriter5
econwriter5 moderator

 @JFBrashear  @seninachung  @roboform Standardizing password rules would be an excellent first step. I also like the automatic password change.

 

Being able to use @twitter or @google or OpenID is helpful but not every website uses one, or any of them. Presents issues too. Just occurred to me that I'm uncomfortable with the idea of having all my passwords stored in one spot, but I don't give much thought to logging into a service via Twitter.

JFBrashear
JFBrashear

Hi Gwynne @econwriter5 

 

On balance, I think all the good password management applications mentioned in this post can benefit your password security.  

 

@RoboForm allows me to use unique, random, long passwords for each of my web accounts. So, even if a hacker got credentials for one of my web accounts, they won't have access to the others. I can do the same thing with UserIDs, unless the web account forces me to use my email as my userID. (BTW - I think forced use of email addresses as UserIDs should be banned. I understand why some websites may want you to provide a valid email address, but you can change that easily enough.)  In some cases, my UserID is 50 random characters. 

 

You may be thinking "Yeah, but what if they hack the RoboForm database?!" Of course, nothing completely eliminates online risk - except unplugging from the grid. I take comfort in using the Master Password option in RoboForm, which encrypts my log-in credentials with a "strong" password of my choosing. So, all my log-in information stored in Roboform is secured by 256 bit AES encryption, just like it is on my laptop, and all I need to remember is one strong password.

 

It's also pretty cool that when I'm using a computer temporarily (e.g., at a friend's house), I can log into RoboForm Everywhere via SSL and have all my web account log-ins available, but none of it is stored on that computer. (I can do much the same thing by connecting my smartphone or a USB thumb drive and running the RoboForm2Go application.) I don't key in any passwords, which is a plus in case they have a key logger. (That's not complete protection from key loggers on shared computers, although a good password management program might help somewhat. See http://www.roboform.com/anti-keylogger.html)

 

Jim

seninachung
seninachung

I used lastpass foe several days, then switch to roboform.I also use the auto-fills feature of avant browser or password manager of firefox, they each have its own advantages which saved me a log of work.

JasonPhillips
JasonPhillips

@seninachung Love Roboform but the iOS versions cannot edit passcards.

NjAtty
NjAtty like.author.displayName 1 Like

Hear, hear.

Trackbacks

  1. [...] April 11, #sfi resident iPad guru Tom Mighell suggested that someone develop an iOS app that “Does Passwords Right,” and while I am in 100% agreement with Tom, after reading his post, I got to thinking about [...]

  2. [...] could use some tweaking. For example, I couldn’t agree more with Tom Mighell about a mobile Browser that Does Passwords Right. But that isn’t a new app. It’s an improvement on an existing app. Or, rather, several [...]