handling of the master password

Discussions and Tech Support related to the iMacros Google Chrome extension.
Forum rules
Before asking a question or reporting an issue:
1. Please review the list of FAQ's.
2. Use the Google search box (at the top of each forum page) to see if a similar problem or question has already been addressed. This will search the entire contents of the forums as well as the iMacros Wiki.
3. We can respond much faster to your posts if you include the following information:

CLICK HERE FOR IMPORTANT INFORMATION TO INCLUDE IN YOUR POST

Answering your own posts (e.g. attempting to "bump" your topic) drops your topic from the list of unanswered threads, so it may actually receive less views.
Post Reply
js27
Posts: 2
Joined: Thu Mar 18, 2010 9:16 pm
Contact:

handling of the master password

Post by js27 » Thu Mar 18, 2010 9:33 pm

Hello,

my first thread, here. :)

want to ask something rather exotic: in Opera webbrowser, the password manager overwrites the master passphrase: http://list.opera.com/pipermail/opera-u ... 17667.html

I'm in human rights, and some police doesn't exactly like our business + has interest in contacts, so it is important to me that when they read out RAM, the password isn't in there, anymore. does iMacro have some overwrite-functionality? and, even if wiped, would it be possible - I mean: once logged in - to access?

thanks in advance ^_^
Judith

PS: I know that it's not built for that level of requirement
User avatar
Tech Support
Posts: 4948
Joined: Tue Sep 20, 2005 7:25 pm
Contact:

Re: handling of the master password

Post by Tech Support » Tue Mar 23, 2010 4:05 pm

Hi,

This is a good question!

iMacros for Firefox, iMacros for Chome and the upcoming iMacros V7 work exactly as the Opera password manager.

Please note that while the web browser is open, the password stays in memory. AFAIK this is the same with Opera. I know that it is the same with Firefox.

But I do not think that this is a security problem: Because if somebody (some spyware) has access to your PC memory, it could easily log your keystrokes in the first place. So once you have such a spyware on your system, neither iMacros or Opera can protect you.

However, if e. g. your laptop with the iMacros macros (with the stored passwords) is stolen, they are safe! I personally use iMacros for all my passwords :)
User avatar
Tech Support
Posts: 4948
Joined: Tue Sep 20, 2005 7:25 pm
Contact:

Re: handling of the master password

Post by Tech Support » Tue Mar 23, 2010 4:09 pm

The AES encryption source code we use (enc.js and rijndael.js) it available for download at http://www.iopus.com/imacros/support/passwordtool2/

The same code is used in all iMacros versions.
js27
Posts: 2
Joined: Thu Mar 18, 2010 9:16 pm
Contact:

Re: handling of the master password

Post by js27 » Sat Mar 27, 2010 6:57 pm

Thank you for your answers. This is really strong. :)

With RAM-access, I rather meant on hardware side (read somewhere that it's possible, though some technical effort; for Wuala wanted to have my PC online after going out, but I guess it's best to turn it off).
Post Reply