Clipperz – Competition for PassPack?
April 03, 2007 |
I recently professed my love for PassPack. However, I am a techno-weenie, and when something that promises to be even cooler comes along, I am compelled to at least give it a test run. Clipperz has been getting quite a bit of press lately, and when we here at Profy were asked to give it a look, I jumped on the task. I'm not the most organized of people, and if someone is going to promise to keep me organized even better than someone else, well, I'm going with whoever emulates an online Martha Stewart best.
Clipperz claims it is “more than a password manager” by touting its three features: secure password manager, single sign-on solution, and “digital vault for all your secrets.” By using Clipperz as your go-to site, you can log into any site from their interface, simply by saving your log-in information for the site to Clipperz. It also claims anonymity because, like PassPack, you don't ever use your email address to log in.
Clipperz is tied to Mozilla-based browsers, meaning that unless you are using Mozilla, Firefox, or SeaMonkey, you are out of luck if you'd like to use it. They also claim that their site is safe because the information is encrypted by the browser before it is ever sent up to the Clipperz servers, meaning that even the Clipperz DBA can't access your information.
Now, here's where my heebity-bejeebies come into play; Clipperz uses a JavaScript library for its cryptographic functions that's been released under BSD. It includes several third-party libraries as well. Now, I'm a suspicious ex-coder by nature, and the minute you start adding third-party code, you add any possible number of security holes from developers you don't know. Mind you, I'm a huge proponent of open-source software, but when it comes to protecting things like my credit card information, I really would like the software to be kept in-house as much as possible. Their model seems to almost beg for hackers to reverse-engineer things. The very fact that it allows you to log in directly from their app would be enough to taunt anyone phishing to see how much they could pull out of the browser on log-in. Add in that it is tied into the browser, and I'm afraid of the possibility of an exploit that would take over your browser, access credit card information, and spend away.
Don't get me wrong; Clipperz is a very attractive application. The interface is very user-friendly and looks smooth. And the functionality is impressive. However, I wouldn't be able to trust it with my information. I'm just not that trusting.
Another site similar to these two is NeedMyPassword.com. Needmypassword.com is a great way to store all of your usernames, passwords, and urls. Imagine only having to remember one password to gain instant access to all of your log-in needs! Needmypassword.com is safe and secure so you don't have to worry about anyone seeing your information except for you. It is also free and easy to use, so sign up now!