All posts in “Passpack Lounge”

Gawker Password Leak: Quickly Double Check for Reuse

There’s a lot of buzz around the Gawker Media leak of 1.3 million user accounts. If you use Passpack, you’re probably safe since you likely have unique passwords for every site.

From the notice Gawker sent out (my emphasis):

This is what you should do immediately: Try to change your password in the Gawker Media Commenting System. If you used your Gawker Media password on any other web site, you should change the password on those sites as well, particularly if you used the same username or email with that site.

3 Quick Steps to Double Check

Here’s a quick way to double check your Passpack account and make sure that your Gawker Media password is not reused elsewhere.

  1. In your account, search for the names of any of the Gawker sites that you might have created an account and password for. Those are:
    • Lifehacker
    • Gizmodo
    • Gawker
    • Jezebel
    • io9
    • Jalopnik
    • Kotaku
    • Deadspin
    • Fleshbot
  2. Once you find an entry for one of these sites, copy the password.
  3. Paste the password into the search box now.

If no results are found: congrats! You’ve never reused the password and no other accounts are at risk. If you DO get a result, go change that password at the website, and make sure to record the new one in your Passpack entry.

Rinse and repeat for each one of the Gawker websites listed above.
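The three steps above, run over every entry of a vault export at once rather than one Gawker site at a time, as an added Python example (not Passpack code; the vault records are constructed, and matching sites against entry names and links is an assumption):

```python
from collections import defaultdict

# Gawker Media properties named in the post, matched against entry names and links.
GAWKER_SITES = ("lifehacker", "gizmodo", "gawker", "jezebel", "io9",
                "jalopnik", "kotaku", "deadspin", "fleshbot")

# Constructed sample vault (not real credentials), e.g. parsed from a CSV export.
VAULT = [
    {"name": "Lifehacker comments", "link": "http://lifehacker.com", "password": "pw-alpha"},
    {"name": "Online banking", "link": "https://bank.example", "password": "pw-alpha"},
    {"name": "Kotaku", "link": "http://kotaku.com", "password": "pw-beta"},
    {"name": "Webmail", "link": "https://mail.example", "password": "pw-gamma"},
    {"name": "Gizmodo", "link": "http://gizmodo.com", "password": "pw-gamma"},
    {"name": "Forum", "link": "https://forum.example", "password": "pw-gamma"},
]


def is_gawker_entry(entry):
    """Step 1: does this entry belong to one of the leaked sites?"""
    haystack = f"{entry['name']} {entry['link']}".lower()
    return any(site in haystack for site in GAWKER_SITES)


def find_reuse(vault, is_exposed=is_gawker_entry):
    """Steps 2 and 3 for every exposed entry at once: report the other entries
    that share its password.  Returns {exposed entry name: [other entry names]}."""
    by_password = defaultdict(list)
    for entry in vault:
        by_password[entry["password"]].append(entry["name"])
    findings = {}
    for entry in vault:
        if not is_exposed(entry):
            continue
        others = [n for n in by_password[entry["password"]] if n != entry["name"]]
        if others:
            findings[entry["name"]] = others
    return findings


if __name__ == "__main__":
    for exposed, others in find_reuse(VAULT).items():
        print(f"{exposed}: password also used on {', '.join(others)} -> change it there")
```

Run it only against a local export that you delete afterwards; the plaintext passwords never need to leave your machine.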

If your business relies on protecting access to your online accounts (and even “just” protecting your commenting cred across the web), we highly recommend you take a moment to also do a more systematic check for weak passwords and change them.

Friends Don’t Let Friends Reuse Passwords

Remind your friends and coworkers to choose and use a password manager (I don’t care if it’s Passpack or not – just get them set up and safe for goodness sake!).

Know a business owner who needs some guidance in getting set up? Send them a note and attach Passpack’s PDF Getting Started Guide.

They’ll thank you for it. Really, they will.

Evolving Passpack's Privacy Model

Passpack’s job is to let you store and share private data (passwords) in a way that not even we can see them on our server. While it sounds very straightforward, that definition has been in the making since Dec. ’06.

When we first launched Passpack, we equally stressed both data privacy & security and personal privacy & anonymity. It’s anonymity that is up for discussion today.

Currently Passpack’s architecture has some throw-back structures to these early beginnings. Moving forward, these residual elements make it increasingly complex to solve what should be simple problems for you.

We’re planning some significant changes to the architecture, which will allow us to get a move on with some of the important features you’ve been requesting. But before we do so, we wanted to let you know about what those changes are, and give you a chance to voice your opinions.

Shared Tags, Global Groups & More

First – I’m going to detail the pros and cons here, and at the end of the post there’s a survey for you to express your thoughts.

Share / Transfer Tags

This is the feature request that first made us wake up and rethink our architecture. It should be an easy enough thing to do to allow you to tag an entry, share it, and have the tags shared along with the entry itself. And technically we could do it with the existing architecture, but to do so would take an enormous amount of time and effort… and really would just be postponing the underlying issue: are we making our users’ lives harder than need be by obsessively over-encrypting?

Current state - All tags are HPH encrypted in a single monoblock. On the server, Passpack doesn’t know the names of your tags, nor which ones are used on which entries. All of that matching happens on-the-fly on your computer after you’ve logged in.

The change – We’d like to remove the encryption from tags. This will mean that we may know what tags you are using. But unless you’re doing something really odd like using your password as a tag, this shouldn’t actually compromise your password privacy.

Global Groups & Group Admins

Global groups would allow folks to know when they’ve been assigned to a particular group and who else belongs to it. Building on that would be the ability for an account owner to designate someone inside the group as an administrator with permission to manage sharing privileges on the owner’s behalf. Both are pretty basic in most collaboration systems. Neither is possible with Passpack’s existing structure.

Current state - Passpack’s server knows the sharing nicknames of the people you’re connected with. But it does not know the names of your groups, if you’ve renamed any of your people, or which people belong to which groups. Like with tags, all of that matching happens in real-time directly on your computer. Groups exist locally, in your account, as an organizational tool only. The server knows nothing of them.

The change - We must first and foremost make the server aware of the groups you have created, and which people are assigned to them. This will reveal something about your organizational structure to Passpack, but will not compromise the privacy of your passwords.

More Flexibility in Entries

There are a bunch of suggestions in the forum which revolve around the concept of making entries more flexible. Things like customizing entries or storing things other than passwords would work perfectly fine with the system as-is. However, some things, like setting reminders and tracking usage, are inherently non-anonymous, and thus in conflict with the existing architecture.

Current state - The name, user id, password, notes, link and email of each and every entry are all HPH encrypted, in a single monoblock. If the entry is shared, Passpack knows the sharing nickname of all the folks involved, but that’s about it.

Also, the activity logs you see in your home page are not persistent. In other words, we can’t actually keep a running log. Similar to the current approach with tags and groups, the changes in your account are deconstructed by the interface and shown on screen as a notification on-the-fly. Once you log out, and log back in, that information is gone.

The change - We essentially want to split up the data between “needs to be encrypted” (password and notes) and “doesn’t need to be encrypted” (link and entry name). While we could make some enhancements to entries now, it would be largely more scalable once we make this split. Also some items, like notifications, simply can’t be fixed unless we make this change.

Bonus: Customer Support

We often have folks writing in saying things like “hey I need help with the 5 entries that I shared with the group ABC,” or “the 10 entries for my tag XYZ,” or simply “my Amazon entry.” Alas, as of now, none of that information can help us locate your encrypted entries in our database. Usually, a lot of back and forth with the customer ensues to try and figure out which entries are the problem ones. It’s frustrating, and sometimes impossible: we’re literally unable to help.

The History of Passpack’s Architecture

For those who don’t already know, Passpack is Host-Proof Hosting (HPH). That means that not only is all your data encrypted, but it’s encrypted on your computer, before being sent to Passpack’s server for storage. The key to decrypt and read that data is your Packing Key, which never gets sent to the server at all. The net result is that Passpack only stores pre-encrypted data to which it does not have the key (aka: we can’t read your stuff).

That’s not changing. We are, and will always be, an HPH company (heck, we’re HPH pioneers!). What is changing though is which data HPH gets applied to, and why.

Striving for both data privacy and anonymity required us to apply HPH encryption to as much account data as possible. We jumped through amazing hoops to avoid accidentally finding out who our users were, or anything about them for that matter. But even back then, we knew a line needed to be drawn between reality and theory. We just chose to draw it in a different place than where it needs to be now.

Anonymity was a big request from our early adopters. Many early architectural decisions were based on their desire to keep their identity and activity on the web completely hidden. This was much more important to them than, say, ease of use or convenience.

That was many years ago. Since then, Passpack has evolved into a collaboration tool used mostly by work groups and businesses. The large majority of these folks have a much bigger need for easy, convenient solutions than they do for anonymity.

So… time to make some changes.

Tell Us Your Opinion

Ok, so I’ve laid it all out for you. Now tell me what you’re thinking with this super quick survey below.

Have We Told You Lately That We Love You?

This morning, going through the replies to the mobile readiness survey I came across this very disheartening comment:

Did we forget something?
Your users who don’t use the mobile or desktop version…

Reading that felt like a punch in the gut. To the question “what’d we forget”, the answer was “your users” [cringe]. This is a much bigger problem than the recent emphasis on mobile and desktop development. It sparked me to do a little soul searching. I’d like to share some of that with you in this post.

The Fall From Grace

When we first started Passpack, we had your support, because we supported you. We chatted with you in email, over Twitter, and here in the blog. We were Tara and Francesco: two founders against all odds, working from the living room and building an amazing product for you. It was awesome.

Then something changed. I think it all started with getting funded… the money, the budgets, the board members… it all distracted us. We made rookie mistakes: the blog became an oddball “industry news” thing and eventually just dwindled down to the occasional product announcement it is now; we recruited folks to help out with chatting with you out there in the wild, which backfired and came off as spammy; we hired so many new programmers that development came to a near-complete halt as we tried to train them.

We basically made every mistake in the book. We messed up.

The Incredible Come Back

In December 2008, barely a year after funding, and with a big recession looming, we were close to having burned through nearly all the cash we’d raised. So we did the first smart (though hard) thing in a while: we let the entire staff go.

Product development resumed, even though Francesco and I were frankly exhausted. We’d put ourselves, the company, and you folks through the wringer.

But we were also really determined to turn it around. And we did.

Some of our investors stepped up to the plate with follow-on cash. We wanted it to last as long as possible, so I stopped pulling a salary, Francesco slashed his, and Passpack moved back into the living room.

It worked. In May 2009 we released Passpack 7 with secure sharing. It was a triumph of blood, sweat and tears. And we did it on our own.

Today’s Reality Check

“And we did it on our own.” That’s today’s reality check. It means we stopped paying enough attention to you: our users, our customers, our super-awesome beta testers and (sometimes even) our friends.

That’s bad news. As of today, I’m vowing to make it right.

The Naked Truth

Amazingly, Passpack is now in pretty good shape. Yes, we’re down to two full-timers, but we’re also nearing the much-sought-after break even point.

What does that mean for you?

For one, it means you guys are much faster at suggesting improvements than we are at rolling them out. We have to put new features in a very tight pipeline, doing just one thing at a time (the desktop/mobile juggle was an example of this). Sometimes it means we have to postpone really big projects until revenues grow further and we can invest in them properly (I believe in doing it right, or not doing it at all).

So are we as fast as lightning? No. But the good news is that we’re no longer distracted. We’ve learned our lessons. And we’re fully dedicated to you.

What Next?

I’ve been setting up some surveys here and there, and have been closely following progress on the suggestions forum. I’ve added a known issues page so you can keep track of what we’re up to as far as bug fixing. And while I’ve slowed down on Twitter personally, I’ve also set up a @passpackhelp account that you can ping for… you know… help.

But I want to do more. I’d like to talk to some of you, perhaps set up a call or grab a coffee. I’d like to hear what you have to say about Passpack – not just features, but what challenges you face with it, or how it’s succeeding in helping you.

Are you willing to chat with me? Get in touch.

And thank you. Really, really thank you.

Passpack & Carley Knobloch at BlogHer 2010

A bit of news while you’re waiting for the mobile release – Passpack will be sponsoring Carley Knobloch of Mothercraft fame at this year’s BlogHer event.

For those who didn’t catch it the first time, Carley did an awesome writeup on Passpack a few months back. SO awesome we jumped at the opportunity to have her represent us at BlogHer. Here’s just one of the videos she did up for the conference:

Check out all three Passpack videos on Carley’s blog.

Carley is a life coach who helps frazzled families embrace technology and simplify life. So if you’re in NY this week, look up Carley at BlogHer – she’ll be the spunky girl geek defrazzling her fellow event-goers while demoing Passpack on her shiny new iPad.

… hey, wouldn’t it be really cool if Passpack unveiled its mobile version at the show? Hmmm….

New Features From the Suggestions Box

While we work on the upcoming mobile release, I thought I’d reach out and ask for your thoughts on a few other ideas from the suggestions forum. Like ‘em? Vote ‘em!

Pre-populated Accounts

Having a hard time getting staff on-board? This idea is for creating shared accounts for them, from inside your paid administrator account. No more waiting for replies to invites. Vote for it here.

(tip: Download the Getting Started Guide for Administrators PDF)

Suspicious Activity Alerts

Get an email or SMS when someone logs in from outside a designated IP range. Vote for it here. If you like this, you might also like the Logs & Audit Trail idea.

Password Reminders

Set an email alert when it’s time to change a password or for other “things to do regarding this entry”. What do you think? Let us know how you would use a feature like this.

Account Beneficiary

Delegate a person (or people) who can recover your account in the event you get abducted by aliens. A fancy alternative to saving a print-out of your Passpack login. Vote for it here.

Passpack OpenID Provider

So you have some OpenID accounts, each with its own password, which are stored in your Passpack. Cool. If Passpack were an OpenID provider, would that save you some clicks? Vote for it here.


Now you folks go off and vote. It’s heads down working on the mobile version for me. Coming soon to a smart phone near you.

Your Suggestions with Uservoice

We’ve switched the Passpack suggestions box to the Uservoice platform. Check it out, you can see the status of your suggestions, as well as converse with us about what’s going on.

You can access the forum directly by connecting to Uservoice. Or from the Suggestions & Feature Requests link in the Help Center, or from the Feedback tab on the main website.

Your Votes Are Counted

We surveyed all the suggestions you’ve made to date, across our various systems – suggestions box, help tickets, personal emails. The votes you’ve cast have all (hopefully) been migrated. No need to re-vote.

Guess What, We Do That Already

The main reason we opted to switch was so that we could actually reply to you about your ideas – especially when you suggest a feature that Passpack already has. Here’s a few ideas that we didn’t migrate over to the new system.

“It would be nice to be able to organize passwords in folders or something” – “organize password in a multi-level folder tree” – “create password categories”

No folders, we have tags. We even have related tags for an easier drill down. You can view them as a cloud, or a list, or inline in your password table. This should cover all your folder and sub-folder needs. Le Roi est mort, vive le Roi!

“Allow import of tab-delimited text files”

You can use the CSV import option. On the second screen, change the Choose the field separator option from “comma” to “tab”. And you’re ready to go. We’ll change the term “CSV” to make that clearer.

“On the startup options page, if I choose Password as my primary tab, please add a sub option: Show only Favorite entries.”

Um, that’s there.

“Create a user voice site for Passpack”


Have Mercy!

We take all your suggestions into serious consideration. Serious consideration takes lots of time, and planning. We are a two person team and sometimes get bogged down. So bear with us: we’re listening, working and will keep truckin’.

Thanks everyone for all your support and suggestions! You folks are truly fantastic.

Coming Up Next at Passpack: Groups

I’ve been stingy with the blog posts as of late, so I wanted to drop in with some news on what we’ve been up to, and what’s coming up next – Groups & Localization!

For the past 5 months or so I’ve been traveling, while Francesco has been preparing some important Passpack changes. Let’s ignore the traveling since you can read all about that on my personal blog, and jump right into the exciting new stuff.

Groups

Just one small word, but chock full of Passpack power. The next update you’ll see to your account is the ability to share not just with single people, but with entire groups. This is incredibly useful for provisioning passwords, for example, to an entire department.

Right before the official release, we’ll stock up the Help Center with how-to articles for you. But here’s the gist:

  • Add a shared user to a group and their account gets populated with all the password entries that have been previously shared with that group.
  • All changes are automatically propagated across the group.
  • Remove someone from a group and all group-shared password entries will disappear from his/her account.

Localization Tool

For those of you wishing you had Passpack in your own language – your moment is coming.

Following the Groups release, we’ll be finishing off a few smaller features to round out both the free and business packages. The next big thing you can expect though will be a localization tool. We build the tool, and you (the community) can translate to your hearts’ delight.

Until then, welcome me back, and get ready for 2-3 months of intensive development.

Tales From the Suggestions Box

As you all know, Passpack has a suggestions box (you do know that right?) where you can vote up the most requested features, or send us your own ideas.

You won’t get any reply when you leave a suggestion (write in to the help center if you need a reply), but here are a few interesting things we caught in there that I wanted to respond to:

Please allow sharing of logins/passwords with multiple people for free.

We do that! The free account allows you to start active sharing with 1 person AND you can receive passive sharing from an unlimited number of people. Read this article for a how-to.

The mobile app (for the iPhone) should be free.

Hm, well, we don’t have the mobile interface rolled out yet – but it’ll be free.

When I register at a new site, I want to save it to Passpack at the same time, rather than having to go back and retype all the info into an entry.

Yup. That’s coming in soon with Auto-login 2.0 (in private Beta testing now).

“Copy password to clipboard” button for logging in to sites without the standard auto login.

You can do that now from your password list, here’s how. Also, the Auto-login 2.0 will extend that feature greatly.

Also, don’t forget that we use the number of votes a feature request gets to help us prioritize the development schedule. Right now, the mobile versions and Desktop improvements are leading the pack – so use the checkboxes to vote for your favorites.

This Week In Privacy: July 18, 2009

The Tech Herald

Possible Link to Twitter hack – GMail Vulnerable to Password Cracking
How was Hacker Croll able to break into accounts that were compromised during the Twitter attack? Here’s a look at a possibility.

GBM Poll: How Often Do You Change Your Password?
A look at some common sense tips about passwords and just how important it is to change them and protect them.


Does Twittergate Point Towards Bigger Cloud Security Issues?
Why should we pay more attention to security on the web? One reason could be the recent headlines of Twitter co-founder Evan Williams’ having his Google Apps account hacked.

This Week In Privacy: July 11, 2009

Government Computer News

With Passwords, Simplicity Can Equal Strength
We all know that ‘remembering’ complex passwords can be a bit troublesome, which is why we use password managers, but if you insist on committing a few passwords to memory you may want to hear these tips.

Tips For Fighting Identity Theft
With all the info out there on how to protect your identity online, there’s no reason to keep your sensitive info unsafe anymore.