This website only uses SSL. The only thing stored in your web browser is 3 cookies used to access your information once you login. Your passwords are stored in a Database using 256-bit AES encryption. This is the same encryption the Government uses.
They will only have your passwords that you enter on this website. We offer a password strength meter on your MyInfo page. This allows you to see the strength of your password. We strongly recommend you do not share your password with anyone, nor write your password down. We also strongly recommend you use a password that has a strength of 100%.
Your password is only as secure as you make it. In order to protect other passwords using our website, we recommend the following guidelines:
In order to change your password or email address you will need to request an Authorization Ticket. This ticket number is emailed to you. The ticket is only valid for 24 hours. You then need to enter that ticket number (we recommend copy and pasting it) when changing your email or password. The reason we do this is that if your account is comprised without your knowledge, as long as you have control of your email address the person will not be able to change your email or password. It might seem like a minor inconvenience, but it helps to keeps your account secure.
Due to the nature of the site, since all your passwords are encrypted with your password, we are not able to reset your password or even tell you what it is. If you forget your password, the only thing is to create a new account and start over. There is no password reset.
We only store your email address in our records. We ask this when you sign up so that we can send you an initial password. If the email address is not valid, the account will be deleted after a couple of days due to no activity. We also store cookie information. We store your username in a cookie in order to identify who you are on our website. We also store a session-id cookie. This cookie is used to cache your password on our server so we can decrypt your passwords for you when you request it. This cookie has no identifiable information in it to indicate which cookie belongs to which account on our server. We also store the category you are currently viewing when checking your passwords.
In order for the website to display your passwords for you, or for you to auto-login to certain websites, we need to cache your password on our server after you log in. There are certain steps we take to ensure that this cache does not get compromised, thus protecting your passwords.
No, and yes. By default we do not monitor your activity. You can however turn this on if you'd like for your account. This will allow you to receive emails anytime anyone (you or someone else) logs into your account successfully, or on failed login attempts. You will also be able to track the history of logins/logouts. Again, this is completly optional and we will not track it unless you turn it on.
There are certain websites that do not support our method of auto-logging you in. Others we just have not added. If you know of a website that you would like added, please feel free to contact us and let us know the website. We will add the website in Beta mode 1st so that you will be able to try it and let us know the results. We can only test websites that we have logins for and we will NEVER ask for your login information (and we cannot see the information stored either).