Tag: Web browser add-ins

Password-vault software can work well but needs to go further

08/06/2012 Desktop Computer Software, Network Security No Comments

As I was reviewing the Fujitsu Lifebook SH771 business ultraportable computer lately, I had a chance to use the Fujitsu-supplied Softex Omnipass password vault that came with this computer. It worked with the Fujitsu laptop’s fingerprint reader to permit a “login-with-fingerprint” experience for the sites I regularly visit. For example, I was simply logging in to Facebook, this site’s admin panel, LinkedIn, ProBlogger forum and the like simply by swiping my finger acrss that laptop’s fingerprint sensor.

What is a password-vault program

A password-vault program stores the passwords you need for various applications and online services in an encrypted local file which I would describe as a “keyring file” and inserts the correct usernames and passwords in to the login forms for the applications and Web sites. You can only get to this password list if you log in using a master password or similar credentials.

This works well with a security-preferred arrangement where you create separate passwords for each online service that you use and avoid using single-sign-on options of the kind that Facebook and Google offer with other sites. Some of these programs work with varying authentication setups such as a fingerprint reader or a smart card. They can even support two-factor authentication arrangements like using your fingerprint or a Trusted Platform Module token as well as you keying in your master password  for a high-security operating environment.

Some of these programs also have a password-generation module so that you can insert a random high-security password string in to the “New Password” and “Confirm New Password” fields of a password-change form.

The login experience with these programs

When a password-vault program is running, it works with the browser or some applications to detect login screens. Then, you can set them to capture your user credentials from the login screen, typically by invoking a “Remember Password” function.

Then, when you subsequently log in to the Website, you authenticate yourself to the password vault with your Master Password, fingerprint or whatever you set up and the program logs you in to that site with the correct username and password for that site. Some programs may require you to authenticate when you log in to the computer or start the Web browser and persist the authentication while you are browsing the Web.

You can have a situation where the behaviour of these programs can be very inconsistent with capturing or supplying passwords. For example, it can happen with single-sign-on user experiences, admin-level / user-level setups or some newspaper paywalls that show the extra information after you log in. The same situation can occur with applications that the password-vault program doesn’t understand like some content-creation tools that allow uploading of content to a Website.

When can they be handy

The password-vault program can be handy if you maintain many different passwords for many different applications and Web sites; and you want to log in to them without trying to recall different passwords for different sites.

They also come in to their own if you are using a computer setup that uses advanced authentication setups like like most business laptops and you want to exploit these features.

What needs to be done

An improved user experience for these programs could be provided in a few ways. For example, there could be a standard “hook” interface that allows a password vault to link with the login experience without it looking for “username-password” forms when catching or supplying user credentials. This can deal with the way paywall setups expose the full article on the same screen after you log in; or other difficult login environments. Similarly, the standard API could also work with desktop applications that require the user credentials.

Similarly, there could be support for a standard file format and public-key / public-key encryption setup to allow a “keyring” file to be used with different password-vault programs. This could also cater for transporting authentication parameters between the two different programs; and could allow the “keyring” to be used on different computers. It is more so if you offload the “keyring” file to a USB memory key that is on the same physical keyring as your house keys for example.

Conclusion

I would like to see further innovation occurring with “password-vault” programs, whether as third-party software or as part of an operating system, browser or desktop-security program. This is to encourage us to keep our computing and online experience very secure as it should be.

Could this e-government initiative be upsetting the applecart in Europe as far as the Browser Choice initiative is concerned?

02/06/2010 Government-Citizen Online Activity, Industry Comments, Product improvement ideas 1 Comment

Article

E-Government-Offensive im Microsoft-Browser | news.ORF.at (Austria – German language)

My comments and brief interpretation

Judging from my basic understanding of the German language together with use of Google’s machine translation, I had “got the gist” of this situation which would be considered hostile to the European Commission’s agenda concerning Microsoft’s Internet Explorer browser.

What I was reading here was that the federal government in Austria were placing heavy emphasis on Internet Explorer 8 as part of their “e-government” initiative. This was including a downloadable toolbar add-in amongst obvious page-optimisation for this browser.

Most likely, I would suspect that, like most large organisations, the Austrian government uses Internet Explorer 8 as part of their standard operating environment and they expect that most users in that country may have stuck with IE8 even during the “Browser Choice Screen” switchover. One could say that this government could get away with this practice because many public and private organisations supply iPhone client apps to make their “front-end” useable on an iPhone which may be platform-specific.

What I would like to see with this is that if the government sites become less useful or unable to fulfil their function because of the preference for a particular browser is concerned, then the sites should be organised to at least fulfil their function no matter the desktop-computer user agent.

Product Review – TwonkyBeam (beta version)

03/11/2009 Product Review, UPnP AV / DLNA media controller software No Comments

TwonkyMedia have capitalised on their UPnP AV / DLNA expertise and developed a browser helper object that can play user-selected music, pictures and video from a Web site that you are browsing on to a DLNA-enabled media renderer device “there and then”.

What is TwonkyBeam

TwonkyBeam is a browser helper object which allows you to “push” media found on a Web page to your UPnP AV-enabled media device(s). This can come in handy with YouTube videos, Facebook or Flickr photos, last.fm music or similar sites where you may want to have the media on devices other than your PC’s screen or your laptop’s tinny speakers.

At the moment, the program has been written to work with Windows and Internet Explorer, but will be ported to other desktop Web-viewing environments.

How does it work

Once the software is installed, there is a window that lists all compatible media on the Website and you select which media you want to use. As you select the different media, the media file’s URL is highlighted in the main Web page. In that same window, there is a list of UPnP AV-enabled media players on your network that accept “push” content.

The user identifies the media player that they want to push the media to and selects the media to be viewed in the media list. Then, to show the image, they press the “play” button in that window above the media player list.

On the other hand, the user can right-click on the link and select “TwonkyBeam to” as a way of putting the media on to the DLNA device.

Limitations with certain Websites

At the moment, the current version that is available is a “rough diamond” beta version. In some ways, the program doesn’t provide full access to photo albums that are broken in to groups of, say, 20. This may limit its usefulness with large Facebook photo albums or Flickr photostreams, which is what I have often used the program with when testing it against the “TwonkyMedia Manage UPnP AV Media Renderer”. Nor does it provide access to embedded media clips like most of YouTube’s pages or video clips that are set up in news articles, blogs and social-networking sites. These are the ones where there are playback controls integrated in to the site’s user interface and you can typically see the video in the Web page.

Web developers may have to provide an “all images” view as an option for photo albums or write a “link” URL for video clips that are ordinarily embedded to work around the limitation. The “link” URL could be part of the article’s copy or as a separate link under the embedded video.

Development ideas

One way of improving this program would be for Websites to support media XML files that describe the primary media assets. This would include collections that are broken up in to paginated groups like most Web photo albums.

Similarly, there could be support for handling Flash-embedded videos that are common to YouTube sites and most Web sites that include video material. This could be looked at through the development of applets that “click on” to TwonkyBeam and similar programs and expose the video clips to these programs.

Conclusion

This program can work as a “quick and easy” way to get media that is in a Web site up on to the large screen or better speakers of a DLNA-connected TV or stereo system. It could, in some ways, legitimise the need for one of the Sony or Samsung DLNA-enabled flatscreen TVs in the office or conference room.

The review will be updated whenever the beta version of this program is “polished up” and ready for full release.