Does NIS2012 really destroy multi-user ID Safe portability on common systems?

GreenSleeves · ‎02-23-2010

I recently upgraded a few household computers to NIS2012 after reading very positive reviews.

To my dismay, the ID-Safe capabilities that we had relied upon are now gone because portable profiles

are no longer supported, the "replacement" on-line vaults are limited to one per Norton Account, and all

our systems are associated with the same Norton Account (for convenience, and due to the use of 3-packs).

With NIS2011 each user on our shared home systems (each user has their own logins on multiple computers)

could use portable ID Safe profiles in order to maintain security, privacy and synchronization. This worked

very well. Each person could even have multiple portable profiles to maintain strict separation of information by

account groups. They could use that profile on any computer running NIS2011 that they trusted - simple and

effective, password protected, and no requirement for multiple individuals to know how to login to the common

Norton Account covering those computers.

NIS2012 eliminated the portable profiles, but offers to "convert" the portable profile to a local or online vault.

This does not even come near to reproducing the capabilities of having portable profiles - you can't have

multiple profiles (vaults) per user, and multiple users cannot synchronize (using on-line vaults) because

there is just one on-line vault available to all users with home system(s) on the same Norton account.

I want to reconfirm that the "on-line" vault does not reproduce portable profile capability, even though

it is offered as a way to synchronize across computers. Namely:

1. There is only one on-line vault available per Norton Account, although multiple users may share

computers associated associated with the same computers. This means that each user can not

have their own personal (possibly multiple) on-line vaults - they must either manually synchronize

local vaults on multiple systems, or share a common on-line vault (which is absurd from a security

standpoint).

2. One cannot create extra "Norton Accounts" in order to maintain multiple vaults either individually

or for different users within a household whose computers are associated with the same NIS Account.

That is, the "Norton Account" used to maintain information about installations (which can include 3-pack

installs commonly used in households) are the same as the "Norton Accounts" used to hold vaults.

3. There is no easy way for a user to maintain multiple ID-Safe profiles with the same system and login.

The best one can do is create multiple login identities, and create local ID-Safe profiles for each, but one

can't sync between systems (due to the single vault per Norton Account limitation, which makes on-line

vaults useless in this case).

I am quite upset - we had a very useful, portable security approach before - and now it appears to be

completely gone. The literature describing NIS2012 ID-Safe does not warn that significant ID-Safe

capabilities will be lost in upgrading from NIS2011 to NIS2012. An online support chat confirmed the

degredation of capability, but I'm not sure the advisor really understood the nature or seriousness of

the implications.

Thanks for any clarifying information. I have searched extensively to determine how one can maintain

pre-existing capabilities after moving to NIS2012, and have found nothing except one vault

per user on a computer, and one on-line vault per Norton Account - with nothing suggesting one can

generate additional Norton accounts to hold distinct on-line vaults either for the same user, or different

users sharing systems but having their own local computer logins.

BTW, it was also handy with NIS2011 that the ID-Safe profiles were named. This also went away.

Alex_W · ‎09-06-2011

Hi GreenSleeves,

While an online Identity Safe profile does need to be associated with a Norton Account, there is no requirement for that Norton Account to be the one used to register the product. Each user can have their own separate Norton Account and associated Identity Safe profile. The product registration won't show up on these new accounts; it will remain associated with the original account. To set this up, you can do the following:

1. Make sure you are logged out of Identity Safe.

ids_1_toolbar

2. Bring up the window for logging in to Identity Safe.

ids_2_toolbar

3. In the window that pops up, click on "Change User."

ids_3_identity_safe

4. If you already have other Norton Accounts set up, log in using their credentials. If you don't have other accounts set up yet, click on "Create New Account" and complete that process.

ids_4_login_to_norton_account

5. Now that you're logged in with the other account, create an Identity Safe profile for it.

ids_5_identity_safe

6. Go through the normal process of setting up the Identity Safe profile and make sure the option to store the data online is checked.

ids_6_identity_safe

For security and privacy purposes, you may want to set the Identity Safe profiles to automatically log out.

ids_7_settings

ids_8_password_and_security

Hope this helps.

~Alex~

GreenSleeves · ‎02-23-2010

Alex,

Thanks for the clarification. NIS2012 ID-Safe/vault documentation needs to be updated to make it clear that one can create

multiple Norton accounts to hold multiple on-line ID Safe vaults - perhaps with examples specific to the two cases I mentioned: One user who needs to maintain multiple online vaults, or multiple users on the same system who would like to have their own on-line vaults.

Even online-chat personnel may be unclear about this. I was told that only one on-line vault could be used across systems associated with the same NIS multi-pack installation (and hence the same installation associated Norton Account). That is, the chat support person assumed the Norton Account associated with an on-line vault had to be a NIS installation associated account, and that this consequently limited on-line vault availability.

Since email addresses are used as UserIDs for the Norton Accounts, with a max of one on-line vault per Norton account, each on-line vault requires a unique email address. Do these have to be actual email accounts - that is, do we really have to setup a real email account for each on-line vault that we want to maintain?

Thanks.

AllenM · ‎12-14-2008

Hi GreenSleeves,

Welcome to the Norton Community.

I understand you want to have multiple users be able to have their own online vault. This is definitely taken care of since as Alex explained each user can have their own Norton Account. I'm actually doing this myself and it works great!

However, I'm not sure I understand why a single user would want to have multiple profiles. I'm not saying there is not a valid need to, you know better than I do on that. But I am curious why that would be useful. It would seem that would cause confusion more than anything. Even with 2011 and earlier versions, a single user could not do this unless they had more than one Windows user account.

To your question regarding if the email addresses have to be valid. Yes they do - I am sure that part of the Norton Account registration requires that the email address be validated before the account is made active. However there are ways around this as well. Many ISP's allow multiple email addresses at no extra charge - for example I have Comcast and they allow up to 6 email addresses on my account. If you have an ISP that allows this, then it should be easy to set up and then you would either need to configure your email client software to retrieve email for that account or use their web based email service.

Other options of course would include GMAIL, YAHOO or any number of others which offer free email addresses.

But you will want to have a valid account which you check for email periodically. And even if the Norton Account registration did not require validation of the entered email address you would still want it to be a real email address for things like password recovery and the like if you ever forget your password.

Hope this helps.

Best wishes.

Allen

Windows 7 Ultimate SP 1, 32 bit, 4 GB * NIS 2012 (19.8.0.14) * Ghost 15 * IE 9, Firefox, Safari.
Test laptop with W7 Home Premium 64 bit * NIS 2012 (19.8.0.14)

GreenSleeves · ‎02-23-2010

Allen,

In fact, I had been using portable profiles to manage multiple groups of logins - but was also using separate

login accounts on the Windows systems in order to maintain strict separation, including associated management

of cookies, LSOs, etc. That might be associated with login accounts.

I didn't know one couldn't use multiple portable profiles sequentially under the same user login on a machine since

I had setup separate login accounts for practical reasons.

As to why one might want multiple profiles, keep in mind that someone might have authority over various groups of

accounts that should be kept separate - and one convenience is to support this is using separate login profiles. Another

reason might be to maintain strict separation between groups of accounts used for very different reasons (finance,

gaming, social media, subscriptions, etc.).

In any case, I may end up using local profiles based on exporting the vault, and re-importing from a master copy (if I stick

with NIS2012 rather than reverting to NIS2011). The on-line vault concept looks promising if security, reliability and privacy can be proven - but I wish it had been provided as new option, not as a replacement for portable profiles.

Regards,

GreenSleeves

SendOfJive · ‎02-07-2009

GreenSleeves wrote:
As to why one might want multiple profiles, keep in mind that someone might have authority over various groups of
accounts that should be kept separate - and one convenience is to support this is using separate login profiles. Another
reason might be to maintain strict separation between groups of accounts used for very different reasons (finance,
gaming, social media, subscriptions, etc.).

I also sort some of my logins by category. Rather than setting up multiple profiles, however, I just create multiple folders to store the various classifications. Go to the Edit Logins screen and choose Create New Folder.

AllenM · ‎12-14-2008

GreenSleeves wrote:
Allen,

In any case, I may end up using local profiles based on exporting the vault, and re-importing from a master copy (if I stick
with NIS2012 rather than reverting to NIS2011). The on-line vault concept looks promising if security, reliability and privacy can be proven - but I wish it had been provided as new option, not as a replacement for portable profiles.

Regards,
GreenSleeves

Hi GreenSleeves,

Apologies, I had originally misunderstood what you were referring to. Yes I agree, it would be nice to have the option of portable ID safe profiles on a USB stick, etc.

Might I suggest that you request this option be reinstated by posting a suggestion in the Norton Product Ideas forum?

I do think the online ID safe vault is very secure. Your weakest link is your Master password so as long as you have a strong password, ideally mixing upper/lower case, numbers and special characters no one is going to be able to break into your ID safe data and it is also encrypted. Not even Symantec can access the data contained in your ID safe vault without the Master password.

Best wishes.

Allen

Windows 7 Ultimate SP 1, 32 bit, 4 GB * NIS 2012 (19.8.0.14) * Ghost 15 * IE 9, Firefox, Safari.
Test laptop with W7 Home Premium 64 bit * NIS 2012 (19.8.0.14)

GreenSleeves · ‎02-23-2010

Allen,

Thanks - I'll request that portable profiles be reinstated as a continued option. From a customer relations standpoint It seems to me that adding a new service option (the on-line vault) is a better than forcedly replacing an existing working option (the portable profiles) with a new but unproven system (on-line vaults). That way customers can choose to migrate when they are comfortable that the new system is reliable and meets their operational and security needs.

GreenSleeves

AllenM · ‎12-14-2008

Hi GreenSleeves,

No disagreement here.

Best wishes.

Allen

Windows 7 Ultimate SP 1, 32 bit, 4 GB * NIS 2012 (19.8.0.14) * Ghost 15 * IE 9, Firefox, Safari.
Test laptop with W7 Home Premium 64 bit * NIS 2012 (19.8.0.14)

Norton Internet Security / Norton AntiVirus

Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Re: Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Re: Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Re: Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Re: Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Re: Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Re: Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Re: Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Re: Does NIS2012 really destroy multi-user ID Safe portability on common systems?

Products

Services

Support