sites profile syncing

gettons's Avatar

gettons

03 Jan, 2018 01:53 PM

Hello there,

pretty impressed by the idea around it. I have started taking a look at the app, however I am struggling to find a way to keep the sites profile ( the one you can export - import ) on external storage. Ideally some kind of integration with cloud based providers ( or even webdav ) would be beneficial so that the user does not have to manually export and import if using masterpassword on a second device.
As the profile does not contain too much of sensitive data, this could be an interesting option.
The main benefit being the fact that you don't have to : 1) export/import OR 2) remember the site configuration for all you logins ( as some sites have limitations when it comes to length of password and/or allowed characters in the password field ).

I am not sure if anyone else has already investigated the above ?

  1. 1 Posted by Tuq Sagago on 03 Jan, 2018 02:01 PM

    Tuq Sagago's Avatar

    Apart from being unnecessary, I think your idea is superfluous and defeats the main purpose of this unique system.

    Do you fully understand how it works?

    Sent from ProtonMail Mobile

  2. 2 Posted by gettons on 03 Jan, 2018 03:18 PM

    gettons's Avatar

    I belive I do, but I am not entirely sure you understood my question. Apologies for the bad wording.

    What I am saying here is say you have 200 entries, with a mixture of Maximum Security, Long, Medium, PIN password types and want to export the sites configuration, the only way is to actually export the file and import. Unless you remember the password requirements are for every single ones ( characters allowed, max password length, etc... )

    Given the secure export file looks like this :

    # Master Password site export
    # Export of site names and stored passwords (unless device-private) encrypted with the master key.
    #
    ##
    # User Name: bla bla
    # Avatar: 0
    # Key ID: blablablabla
    # Date: 2018-01-03T15:09:10Z
    # Version: 22222222222222.5.2
    # Format: 1
    # Passwords: PROTECTED
    ##
    #
    # Last Times Password Login Site Site
    # used used type name name password
    2018-01-03T14:55:15Z 0 17:3:1 user1 blue
    2018-01-03T14:55:28Z 0 16:3:1 user1 orange

    I see little to worry about if this file possibly gets stolen. It's indeed not ideal, as login name together with other fields is used to generate the password ( along with the masterkey ), but I am not sure the burden of having to export and import again whenever you want to add a new site is much more appealing. Unless of course you do it manually on all of your devices.

  3. 3 Posted by Tuq Sagago on 04 Jan, 2018 01:35 PM

    Tuq Sagago's Avatar

    Personally, I don't see such a feature as a priority - given the speed and convenience of the current configuration together with the security benefits of it being off-line.

    Are the risks of third party cloud integration worth it? It may harm the reputation of mpw's USP which, for me, is its off-line nature.

    Have you considered using something like [Hazel](http://www.noodlesoft.com/hazel.php) or [Maid](https://github.com/benjaminoakes/maid)?

    Sent with [ProtonMail](https://protonmail.com) Secure Email.

  4. 4 Posted by Stefan Bühlmann on 16 Apr, 2018 03:04 PM

    Stefan Bühlmann's Avatar

    Hi
    I have the same wish&problem. I have some hundred accounts to manage.
    Some systems force you to use a certain login name (or your preferred is already taken - ok i can use the [email protected] notation).
    Some „clever“ admins force you to change passwords every 3 months.
    And some sites have annoying limits on password lengths or charactersets.
    The latter two aspects makes it really impossible to remember for 200 entries.
    And how can i transfer a list of 200 to another device? There is an export feature, but i couldn’t find an import function.
    If there were an export & import function, i could transfer it while inside a secure network.

  5. Support Staff 5 Posted by Maarten Billemo... on 16 Apr, 2018 03:22 PM

    Maarten Billemont's Avatar

    It's important to be conscious of the fact that Master Password is not supposed to be an app that keeps track of things for you.

    It is supposed to be a calculator. Calculators don't sync things.

    As soon as you start using Master Password to keep track of things for you, you're falling into the pit that we're trying to save you from. You become dependent upon state. If the state ever disappears due to loss or corruption, you are in the same bad spot as you would have been with a regular vault-based password manager.

    It's my recommendation that you try to simplify instead of trying to keep track of your complexity.

    Pick a default password template that best supports your use case. For rotating passwords, use the password counters. If passwords rotate based on chronology, use a counter that encodes the chronology so you don't need to remember the counter value itself. (eg. every year, increment by 10, every quarter of the year, increment by 1)

  6. 6 Posted by Stefan Bühlmann on 16 Apr, 2018 03:52 PM

    Stefan Bühlmann's Avatar

    Hi Marteen
    But why not an import function when you offer an export?

  7. Support Staff 7 Posted by Maarten Billemo... on 16 Apr, 2018 03:58 PM

    Maarten Billemont's Avatar

    There is an import function. Which app are you referring to?

  8. 8 Posted by Stefan Bühlmann on 16 Apr, 2018 04:01 PM

    Stefan Bühlmann's Avatar

    On the iPhone App

    Viele Grüße, Stefan Bühlmann, +41 76 41 41 824 Gesendet mit ProtonMail

    Sent from ProtonMail Mobile

    AN Mo., Apr. 16, 2018 bei 17:58, Maarten Billemont <[email blocked]> Schrieb:

  9. Support Staff 9 Posted by Maarten Billemo... on 16 Apr, 2018 04:02 PM

    Maarten Billemont's Avatar

    You simply open the export file, hit the share button and select Master Password from the options.

  10. 10 Posted by Stefan Bühlmann on 16 Apr, 2018 04:09 PM

    Stefan Bühlmann's Avatar

    Oh, thx

    Viele Grüße, Stefan Bühlmann, +41 76 41 41 824 Gesendet mit ProtonMail

    Sent from ProtonMail Mobile

    AN Mo., Apr. 16, 2018 bei 18:02, Maarten Billemont <[email blocked]> Schrieb:

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

 

07 May, 2018 12:35 PM
05 May, 2018 11:31 AM
05 May, 2018 08:13 AM
03 May, 2018 08:32 PM
01 May, 2018 12:43 PM
27 Apr, 2018 07:05 PM