A few days ago, I wrote an article entitled Why I Always Recommend AGAINST Password Management Products. In that article at https://goo.gl/aYZ4MV, I describe several reasons I do not trust any of the password manager programs available today. Now SatoshiLabs has released a product that removes most of my objections.
SatoshiLabs produces the highly secure MyTrezor offline wallets designed to store Bitcoins. It uses military-strength encryption to store Bitcoins. In fact, the Bitcoins remain stored in the device even when it is unplugged, unpowered, and stored in a desk drawer or in a safe deposit box. Hackers cannot steal your Bitcoins when they are stored in an unpowered, unconnected device!
Now SatoshiLabs is creating other uses for the MyTrezor device. The newest addition is a password manager. It uses encryption in a manner that even I approve of to store passwords in both the MyTrezor device and (in encrypted form) in Dropbox.
The TREZOR Password Manager is a new lightweight application designed to store and manage passwords with ultimate security. The Chrome extension is available now for public beta testing for all TREZOR hardware wallet owners. With a simple button click, the user encrypts each password entry with his personal TREZOR device. The Password Manager then automatically uploads the encrypted data to user’s private cloud storage, making them always available when needed. keep that word in mind: “encrypted.”
In my earlier article, I criticized password managers’ security saying that “If any hacker gains access to your password management software, he or she gains access to EVERYTHING.” You can read about past hackers gaining access to everything in earlier password managers at http://thehackernews.com/2014/07/critical-vulnerability-and-privacy.html and at https://www.wired.com/2015/06/hack-brief-password-manager-lastpass-got-breached-hard/.
That is a problem in almost all the earlier password mangers but not of the TREZOR Password Manager.
If someone does manage to hack into a TREZOR Password Manager account, reading the stored passwords is practically impossible. TREZOR adds yet another layer of security by encrypting the password entries on a one-by-one basis with a unique encryption key derived from TREZOR. That’s “one-by-one.” In the event a single password is decoded (which is virtually impossible), all the other passwords will remain safely encoded and not visible to the hacker.
The MyTrezor devices work on Windows, Macintosh, and most Linux operating systems. They do not work on Android or Apple iOS (iPad, iPhone, and iPod Touch). The MyTrezor devices are in short supply right now. SatoshiLabs sells them directly for $99 US but says they company’s inventory is almost exhausted. Details may be found at https://medium.com/@satoshilabs/buytrezor-com-stock-short-due-to-high-demand-22fd4897cbe8#.g9fvurzio.
The same devices are also available at higher prices from Amazon at https://goo.gl/vk5d2A although I have no idea how long Amazon’s inventory will last.
I purchased a Trezor device last week from Amazon. It is working perfectly so far.