Welcome to 2014

Welcome to 2014

The Passpack Team has been working very hard the last two quarters of 2013 to make this year the best year yet for our users and team. We are excited to welcome 2014 with a brand new look and feel for the web site, and we also have a few announcements.

Since 2006, Passpack has grown organically, amassing a huge trove of industry and product knowledge, which can be found in blog posts and the online help center. Moving the knowledge base and help center to a more modern application will take some time.  We are, however, working to keep it to a minimum and hope to have it completed within the next few weeks. We hope you will like the new look and feel.

The Next Generation of Passpack

We acquired Passpack in July of 2013. It was our intention at that time, to rapidly bring improvements to our customers. Our team set to work assessing the state of the Passpack application, and digging through the feedback and support databases to see what our users had asked for, and where we could make improvements. That was challenging. We love a challenge. We then set about building it, and that has also been very challenging! Good thing we really love a challenge. In the coming weeks we will be announcing a Preview Program so that we can get our users feedback in an effort to be sure that we don’t miss opportunities to build and implement the features they need and want.

The number of improvements is rather large, so we will make a dedicated announcement separately; a few of the major features in the coming version will include Native Mobile Applications and Native Browser Extensions for all major platforms. The team and group features are both simpler to use and much more powerful. We’re pretty excited about it, and we hope you are too.

We love to hear from you

We have been very quiet while we were working on the completion of this new release, but you will be hearing much more from the Passpack Team in 2014. Over the last six months if you have needed support or had a question, you’ve probably interacted with one or all of the team, and while we’re happiest when things work for you exactly as they should or are as easy to use as we’d all like them to be, we want you, our users to know that if you need support or just have a question about the company, our team is here for you. We believe that we have a great product, and that we have great people using it. We enjoy interacting with all of you, and value your feedback too.

Here’s to a great 2014, everyone!
Best Regards and Warm Wishes,
The Passpack Team

19 Comments

  1. Lorenzo

    It’s great to see a new blog post here and a new start for passpack. Good luck!
    One suggestion I have is add support for TOTP (2 step auth).

  2. Greg Pakes

    Really pleased to hear about the native mobile apps.

    @Lorenzo: I already use 2 factor auth with passpack using Yubikeys.

  3. Hi,
    great to hear about your new plans. I am looking forward to native mobile applications, BUT could you say a bit more about the new owners of passpack and how the team has changed? Basically I would like to know, who the new owner is and why my passwords will (hopefully) still be safe.

    thx,
    martin

  4. Roger Pillman

    Whoa, there should have been way better notification of changes coming. Passpack is a security website and when I saw the new website, I immediately assumed the website had been stolen and a phishing attack was set up. I go to the blog to see passpack site as a whole was bought in July 2013?!!?? Where was the announcement for this. My trust in passpack just plummeted. What next will you guys screw up? You want to move fast and bring new features to market as fast as possible eh? That’s how mistakes get made and a breach occurs. Spend years building up trust to blow it in one day.

    • admin

      Roger, perhaps the text of this post was not clear, I apologize for that. July was seven months ago. Passpack had not been actively developed for approximately two years prior to that. There have been no changes to the application since then other than necessary work around stabilizing the platform and performing very necessary security updates. That cannot be classified as “screwing up” by any definition. Many of our customers call it too cautious, we are satisfied that we are doing everything to ensure the stability and security of the platform for the people who have trusted Passpack since the beginning.

      Our public website is not hosted on the same servers the application servers, at no time would an upgrade to the public site risk the security of the Passpack application, again I apologize for any alarm that the change may have caused, hopefully we will regain your trust as you see improvements in security and communications.

      As an aside, the current platform will not change when we introduce the new application, it will remain available and fully functional, we will not ask our customers to move to a new platform until they are comfortable doing so.

      You are right we have done a poor job of communicating and definitely intend to fix that. We may over communicate for a while until we get it right!

      Doug Hill
      Passpack Team

      • Roger Pillman

        The long list of unfulfilled features was a problem. I get that and agree. But, solving those feature requests first under the old system builds trust, and that’s hard to build. What you’ve done is easier and worse, destroyed trust. No announcement for 6 months about ownership is quite simply unforgiveable. Changing the landing page without notice for a security website is unfathomly immature. And yes, I do really have grave concerns that there will be a headline next year, “Passpack leaves breach open for a day while implementing new features”, or, “Passpack new IOS app proven hackable within 24 hours”.

        I know you need to monetize, but you’ve got to understand everybody knows that. Don’t hide and backdoor it. How open will your new security protocols be? Where are the original developers? What is their role in this? Where are the new servers going to be located? What country? What privacy rules do you value and what legal pressure will you cave in to and give out our sensitive information? What benefits will original paying customers receive vs the new customers from now?

      • Jack Probst

        Agree with Roger 100%. The existing customer base are people that have stuck with passpack for a variety of reasons despite the lack of active development. For me and my company, it was the transparency of blogposts and accessibility of the maintainers.

        I was shocked to see that it was acquired 7 months ago without letting users know.

        The fact that you haven’t replied to Roger’s response is concerning. It’s been 36 hours, and for a site that deals with such sensitive company information, 12 hours would be an issue for me.

        I look forward to seeing your response below.

        (Also, could anyone just set their name to admin and pose as someone for the site? Going to test in a second…would also be a point of concern if this is possible)

        • Passpack

          Jack,
          The user admin in the comments above these and the user Passpack are the same user, The display name was changed and I didn’t check to see if it automatically updated the user name on older comments. You should NOT be able to pick Admin or administrator as a user name.

          We are working on a post to answer Rogers questions so that they get some visibility instead of being buried here in the comments that most people don’t read. I will give a short answer here though and leave detailed answers for the post.

          How open will your new security protocols be? They will not change it is based on the host-proof-hosting pattern. We will issue a white paper as soon as we can.
          Where are the original developers? The founders have moved on to other projects, Tara Kelly remains as an advisor to the company, and Franceso Sullo has been instrumental in the transition.
          What is their role in this? See above.
          Where are the new servers going to be located? What country? They are located in the US.
          What privacy rules do you value and what legal pressure will you cave in to and give out our sensitive information? We will comply with a valid request by law enforcement. This is a requirement for doing business in any country. You can take a look at the privacy policy to get details.
          What benefits will original paying customers receive vs the new customers from now? We are not planning on changing our prices, but we are looking at ways to reward the people who have stuck with Passpack over the years, perhaps some suggestions? What would you like to see?

          Doug Hill

          I think you will find us just as accessible, myself or anyone else you would like to speak to at Passpack are always available via email at support@passpack.com It’s a small team they make it to the right place.

          Doug Hill

  5. Phillip Reblin

    I’ve got to say that I agree with Roger. Seven months without a word that it was under new ownership, and then to sleight the folks that built Passpack. Passpack to me has always been about the reliability and security, not about the frills and new features. Are these changes coming about as improvements to the underlying security or to make money? I smell sales pitch not security mindedness. Although I have a free account I may begin looking for alternatives, because it seems that Passpack is moving away from being functionally oriented and becoming profitability oriented. With the original team it always felt as if they were there for the service and you were part of it, with just these few announcements, and terse response to comments, that feeling is gone.

    I’ll wait and see what’s to come, but I’ll definitely be doing some research in the meantime.

  6. Passpack

    Phillip, if you will visit http://passpack.uservoice.com/forums/49999-suggestions-feedback you will see a long list of requested features. Customers have been leaving or letting us know they will soon be leaving us because we haven’t implemented any of them. Working from those and customer conversations, and from customer support requests is how we came up with the improvements we are making to the product.

    I want to assure you that “slight of the folks who built Passpack” will never be and is not the purpose of any communications you will ever see from Passpack. Tara and Francesco did an awesome job with Passpack and we have nothing but the utmost respect for them.

    About profitability. Of course we must make money in order to continue to provide Passpack as a service, in our opinion the best way to do that is to provide the most secure, easy to use product with competitive features. We are a team of developers who care about security, there are no marketing folks on board, no sales people, just developers and customer service, that is pretty product and customer focused.

    Doug Hill
    Passpack Team

  7. Lorenzo

    @Greg Pakes: Yeah I know, I meant tools like Authy (authy.com) and Google Authenticator.

  8. Passpack

    Lorenzo,
    We are definitely implementing Google Authenticator, if you have any other methods you would like to see implemented send an email to support and we will take a look at it.

  9. Bhupinder

    I have been using passpack since 2006 and I must say it is the best…for some months I was feeling bored with the old look (but that was in my sub-concious mind ;) ) but hey you read it…waiting eagerly for the new looks and other features…
    best of luck

  10. Lorenzo

    Roadmap for some of these features (e.g. 2 factor auth with TOTP)?

  11. Bob Fry

    I too was surprised to find the change of ownership by chance, while taking my very occasional look through the blog. Unlike others, I don’t read sloppiness, incompetence, or greed here. On the contrary, while I respect the founders of Passpack, it was clear that they had become distracted or disinterested as of late and I was becoming concerned about the total lack of progress on needed improvements.

    Now that a new team with declarations of renewed energy to implement requests and apparently an eye on profitably is in place, I’m more confident. I have a free, 500 password account from long ago, and it’s occurred to me in the past to donate money to keep things going. But with no improvements whatsoever I lost interest. If improvements now happen I wouldn’t mind paying an annual subscription fee.

    • Roger Pillman

      You said you don’t read sloppiness, incompetence, or greed here. I suspect this is aimed at my comments and I would ask that you rethink your position.

      Sloppy is buying the original founders out and make no mention for 6 months.
      Incompetence is announcing plans to move passpack servers to the U.S., while the competition moved their servers to Iceland 2 months ago.

      As for greed, I’m a paying customer. I hope the old founders made a nice profit. I hope everybody providing a nice web app makes a profit. I just don’t want my security to be compromised by sloppiness and incompetence.

  12. Tobias R.

    Just some thoughts on what has happened here and what is means for existing customers.

    Obviously, Passpack did not really earn (much) money, otherwise there would have been no reason to sell for the original founders. And maybe they even were in trouble and somehow threatened (just read what seem to have happened to the guys from clipperz here: https://clipperz.is/blog/2013/12/27/leaving-the-US/). I assume the original founders did not receive much money when selling Passpack, but it seems they had their reasons to sell and not tell a word to their existing customers. The new owner is from the US and does not even have a Website, in fact the only information I could find is http://venturebeatprofiles.com/company/profile/kemesa/overview/. That does not increase trust, of course. Servers and data are in the US now, too. Even though I would never presume that the new owners are planning to do us any harm, to create backdoors or something like that, unfortunately they are operating their company under a legislation that basically at any moment can force them to do so, and they are not even allowed to talk about it without breaking their laws. And this is not paranoid, but just an evidence in our times (just look at Lavabit – and how many people do you expect to act in such an ethical way like these guys in such a situation, just closing down the company and deleting all data …).

    So that simply means that even if the new owners of Passpack are the nicest guys of the world with the intention to provide us the best password manager ever, they will always be threatened by their own government, which simply means that our data is no longer secure. By the way, this is exactly the same with ALL other online password managers I know (with a reasonable set of features), as they ALL are US-based. Until today, we did not hear about them having been forced to give data to the NSA, but does that mean that it did not happen or won’t happen in the future?

    We have been using Passpack for years with paid and free accounts, and the most importaht reason to choose it (and not Lastpass & Co.) was that Passpack was under Italian law. We are really sad, but we will have to move asap, because we can’t trust Passpack any longer.

    Doug, I really do not want to offend you and your new team, but I’m convinced that – as long as the US laws are like they are – there can be no real trust in an online password manager from the US.

  13. Nuno

    It is sloppiness not to proper inform users of ownership changes of a security focused service. I was really surprised with the new website and like many others I had to check if it wasn’t a phishing attempt. I guess you have learned your lesson and this will not happen again and you’ll be much more vocal about new improvements and changes of the service than the previous owners.

    The new improvements and features are welcomed and being a long time non-paying, non-commercial user I think it would be nice if I could at least maintain my usage conditions but any loyalty bonus would be a nice touch.

    I would also like give shout out to Tara and Francesco for building a great product well ahead of it’s time IMHO.

  14. Yay! Finally PassPack is coming to mobile!

Leave a Reply