Forums Help & support I can't log in (android) Reply To: I can't log in (android)

#7741 Reply

Harvey P

Glad to hear it’s working for you David.

As mentioned, there are several reasons for sending sensitive information to the server, including the use of the online password manager.

I don’t use the online password manager (I use Password Safe instead) so I took a look at the AxCrypt one and I saw that the passwords would be visible on the website.

I was under the impression that it was a file downloaded and decrypted on the device. I see it’s not; it’s decrypted by the server on the fly.

With respect I think the password manager service should be gracefully retired as it offers a poor level of security and comes with the risk that the password is transmitted to the server and could:

  • if stored, be decrypted by employees
  • if intercepted by hackers, allow decryption.

AxCrypt is great but the password manager isn’t.

I agree that it’s the person’s choice if they choose to use the password manager but with zero knowledge services out there like LastPass and 1Password it’s difficult to justify using a password manager service which isn’t especially secure.

I now understand why some people on here keep talking about the Offline Mode.