BD Wallet vs Firefox Password storage

Discussion in 'other anti-virus software' started by JerryM, Sep 3, 2013.

Thread Status:
Not open for further replies.
  1. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I use FF and recently have changed my AV to Bit Defender. BD has Wallet which is a password manager. FF also managed passwords.

    Is there any reason that Wallet is more secure than the password manager in FF?

    Thanks,
    Jerry
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Hey Jerry,
    there is malware which have the ability to Steal passwords from browsers.
    I prefer to use an offline standalone password manager and In my case I use keepass.
    I have no experience with bitdefender password manager so no idea how good or safe it is.
     
  3. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Thanks, Lodore. I did find this on the BD forum.
    Quote: "That’s why Bitdefender has created Wallet, a utility that ships today with the New Bitdefender. This virtual wallet can be used to store bank account numbers, PINs, credentials for websites, e-mails, subscriptions, applications or wireless networks, keeping all sensitive data together and encrypted in a single location locked with a master password." End Quote

    It sounds good, but I admit my own ignorance regarding such things. I do not know if the password managers by the browsers are encrypted or not.

    Regards,
    Jerry
     
  4. FOXP2

    FOXP2 Guest

    IMHO, how secure or not is a password manager is a matter of trust between the user and the developer. One can only review the feature set advertised, poke the forums and reviews if any, and make a decision.

    A password manager could be anything from a password protected text file you open as needed and you read/type your login strings to an app where you click on the My Walla-Walla Bank Account item you created and the next thing you see is your accounts home page in the default browser or one of proprietary association.

    I'm surprised the merits and drawbacks of stand-alone, integrated, plug-in/extension, Web/cloud based, etc. etc. solutions aren't self-evident or otherwise readily researched and simply concluded to by a Wilders Massive Poster.

    Anyhow, in Firefox to the best of my remembrance, passwords are stored in the signons.sqlite file, triple DES CBC encrypted via the key3.db file unique to its profile if you enable Use a Master password... in Options. I can't say for Chrome or Opera or IE, but how stupid would that be if their password stores weren't encrypted and as such the subject of long term well-known universal scorn?

    FWIW, I run the freeware FlyingBit Password Keeper, portable from a switch-locked USB stick. (The developer's online presence is currently in revision, so Softpedia is the preferred source.)

    Personally, I wouldn't run anything where my password store point is in the cloud but if my mobile needs were more complicated I might re-align that opinion.

    That quote from the BD forum doesn't say anything about where your data are stored or what encryption is used. You should search engine of choice on that.

    And then there's that https encryption/certificates gorilla-in-the-room... :ouch:

    Good Luck and Cheers.
     
  5. FreddyFreeloader

    FreddyFreeloader Registered Member

    Joined:
    Jul 23, 2013
    Posts:
    527
    Location:
    Tejas
  6. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    539
    Location:
    United States
    Certainly, each application (web-browser and storage manager) comes with inherent security risks and adds to the users attack surface area. What we can say for certain, is an internet facing application such a web browser is at much greater risk of attack. In general, companies generally don't have the best track record when it comes to data protection. I'd be hesitant about trusting cloud and browser based storage solutions. Especially about relying on the encryption services they provide. If you must transport or store confidential information, than keep it stored on a non-networked device. You should always keep the data encrypted (not in plain-text), and only connect to it as needed. The portability of these devices put your data at even greater risk. One of my older MP3 players could act as a portable storage device, when switched to data storage mode. This had be thinking about re-purposing other stuff for password storage on the go.
     
  7. Charyb

    Charyb Registered Member

    Joined:
    Jan 16, 2013
    Posts:
    552
    I wonder what happens when your Bitdefender subscription runs out and you don't wish to renew? Can you no longer use Wallet? If not, then I don't think I would spend the time entering all this information into Wallet.
     
  8. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I don't enter info into Wallet. I go to whatever sites as I normally do, sometimes with passwords saved by FF, and Wallet takes care of remembering the passwords as I have "checked" that option.
    I do have a 2 year subscription so that will be far in the future if I don't change AVs. So far I like BD so well I am not thinking of changing.

    Jerry
     
Loading...
Thread Status:
Not open for further replies.