Is RoboForm Online Safe?

by Norman A. Garrett
RoboForm provides several layers of security for retrieving passwords on the go.

RoboForm provides several layers of security for retrieving passwords on the go.

RoboForm is a password management service originally designed to run via a client application on an individual PC. Recently, it has added a service called RoboForm Everywhere, which is now included with each RoboForm software purchase. It enables you to store your password collection on a RoboForm server, where it's available to on any computer with an Internet connection. This enables synchronization of username/password sets across multiple systems and ensures that all passwords are kept up-to-date.

Client Application Security

RoboForm is designed to hold all of your username/password combinations. It will even generate strong passwords if a you want to have RoboForm select a password for a website. An option in RoboForm is to use the Master Password Option, causing the data to be encrypted when it's stored on the local hard drive, using the master password that you supply. For maximum security, always select the Master Password Option.

Passcards

RoboForm uses a concept called a passcard. When a usernname and password combination is saved in RoboForm, it's encrypted, using the master password as the encryption key, and stored as a passcard, a special type of file that only RoboForm can read. For the file to be read, you must enter the password used to create it. If another user were to access the computer and try to access the username/password combination, he would need to know the master password.

Additional RoboForm Everywhere Security

When RoboForm sends or receives your passcards over the Internet, a Secure Sockets Layer transmission is used. This is a secure method of sending data over the Internet that encrypts the data from end to end. If an eavesdropper were to intercept the data, it would be scrambled and unreadable. This is the same method that banks use for customer Internet access on their systems.

Data Center Security

One threat faced by data center operators is the threat of a breach of their system and access to user data. RoboForm's data servers are in a secure facility and protected by firewalls to prevent unauthorized access. While no system is foolproof, the controls that are in place minimize the risk of your data being compromised.

Choosing a Strong Password

Although RoboForm provides all of the necessary security measures, you also have the responsibility to use the Master Password Option and to choose a password that's strong. A strong password is difficult to crack, while a weak one can be cracked quickly. In addition, the selection of strong passwords on the various sites that RoboForm tracks is important and adds another layer of security.

About the Author

Norman A. Garrett is a retired university professor with expertise in distance education, telecommunications and networking. He has won numerous awards for his teaching and scholarship. Garrett is the author of six books and has presented and written for various international conferences.

Photo Credits

  • Brand X Pictures/Brand X Pictures/Getty Images