Well… I’m assuming it stores our passwords in the cloud as does Lastpass which I’ve used for two years now. Is NIS’s password manager inherently more secure than Lastpass’ or are they essentially the same thing? In addition: I’ve read that storing passwords in the cloud is not as secure as storing them locally as is done with 1Password or Keepass. Since I just purchased NIS 2012, I’d like to use this feature and am debating disabling Lastpass. Suggestions?
Passwords that are managed in the cloud are encrypted, so if you have an appropriately strong master paswoord, your logins should be relatively safe. Having said that, anything man can develop, another one can find a way to do something to it, as we saw with LastPass this year. I use it as well on one machine.
Hello JamesD,
Cloud storage of your Identity Safe Data is an option, not a requirement.
When you set up Identity Safe, your logins and cards are stored locally on your computer and they will remain there unless you choose to move them to the cloud.
If desired, you can move them to the cloud to utilize the logins across multiple computers running NIS 2012.
Check out the videos here which explains the optional procedure for using the new Online Vault.
This is a nice tutorial for building user accounts, as well. It is very similar to what you are already accustomed to using.
Thanks. I've viewed the tutorials (much appreciated) and am still confused as to whether this feature of NIS 2012 is essentially the same as what I currently use with LP or somehow better. I'm assuming (since you never said this) that when my passwords are stored locally, they are encryted so that should my computer be hacked the hacker would still face having to decrypt my master password... correct?
I suppose it's pretty much a draw then... between LP and NIS 2012. Perhaps it's better then that I stick with LP since it's already set up and simply not implement NIS's password saving feature.
And perhaps I'm asking for the impossible: for someone to provide me with the motivation to switch from LP to NIS or not. That would be unfair to all concerned.
As I now understand it... NIS provides me with an option: store locally under a master password OR store in the cloud in an encrypted form as LP provides. Given the freedom that cloud storage affords and the fact that my computer could be as easily hacked and compromised as the cloud, it only seems reasonable to stick with LP. I'll accept this as a solution and mark it so. If anyone can see any problem with my conclusions, I'd appreciate knowing about it. Thanks again. Good forum, btw.
The advantage that I see to LastPass is that being a free app, it can be downloaded on any machine that you happen to be using and get access to your passwords. With NIS, you will need to have Norton on a machine to use it. Otherwise, I would expect to see them very much alike.
I haven't switched to 2012 yet but I use the IDSafe feature in the 2011 versions and find it quite as good as LP.
When I purchased NIS, it came with three licenses (one for my wife, one for me and one for our laptop which we share). We've put NIS on all three (two desktops and the laptop) but we've decided to keep LP on all of these devices. I thought perhaps that NIS might provide something in addition to LP that might make it worthwhile switching. Indeed... when you purchase something you want to make use of "all" of its features. But in this case, I cannot see any advantage in doing so.
Again... thanks for your input. I've been a member of several forums and I'm very impressed with the promptness and willingness of others to respond here.
JamesD wrote:
As I now understand it... NIS provides me with an option: store locally under a master password OR store in the cloud in an encrypted form as LP provides. Given the freedom that cloud storage affords and the fact that my computer could be as easily hacked and compromised as the cloud, it only seems reasonable to stick with LP. I'll accept this as a solution and mark it so. If anyone can see any problem with my conclusions, I'd appreciate knowing about it. Thanks again. Good forum, btw.
HI JamesD,
In reference to the blue highlighted section above. Just wanted to clarify that whether you store in the cloud or locally, the master password vs encryption is the same.
Best wishes.
Allen
Thanks, Allen. It would seem on the surface that whereas both cloud and local storage use the same encryption, the cloud woudl be a greater target for hackers than my computer alone by virtue of a bigger pay-off for the hacker(s). Of course, you have the trade-off of not being able to easily sync your pw with your other devices "if" you choose to store locally (oh... it can be done but not nearly as conveniently). So in the end... while there is no completely safe way of storing passwords outside one's gray matter, it seems to me that the most reasonable way is to make use of the cloud for such storage but commit to memory those few sites (i.e. bank, Amazon, etc.) in which money passes hands. And that being the case, NIS does not really offer anything different than Lastpass so in the end, it's probably more prudent that I simply stay with LP and forego this one feature of NIS. Thanks again.
Hi JamesD,
All true but I would add that if you create a truly strong password, even if someone did get a hold of the data file they are not going to be able to break the password. Remember that a strong password should ideally combine upper/lower case, numbers and special characters and above all do not make it be a dictionary word or something which someone could guess if they know a few personal details about you.
Personally I use a secure password generator and choose passwords including all 4 types of characters and anywhere from 16-20 characters in length. 
I also find it interesting that even in this day and age I occasionally come across a website which handles things like bank / credit card accounts and such and some still do not allow special characters! 
Best wishes.
Allen
This is certainly not a dig at LastPass (which is a good product), but personally I feel better using a company with resources to devote to protecting my data and systems. Its why I use NIS on my home PCs vs. smaller products.
All things being relatively equal as far as performance and security, resources are definitely a factor given how quickly things move/change in the ether.
Allen, I'm simply acknowledging your post since I'm on my phone now in Starbucks.I'll have a proper response later. Thanks.
AllenM wrote:Hi JamesD,
All true but I would add that if you create a truly strong password, even if someone did get a hold of the data file they are not going to be able to break the password. Remember that a strong password should ideally combine upper/lower case, numbers and special characters and above all do not make it be a dictionary word or something which someone could guess if they know a few personal details about you.
Personally I use a secure password generator and choose passwords including all 4 types of characters and anywhere from 16-20 characters in length.
Best wishes.
Allen
My bank refuses to allow anything beyond an eight character password mixing only lower and upper case letters and numbers. I've written to them before about this but have achieved little more than an reassurance from them that my accounts are ensured... period. Very short-sighted if you ask me.
I appreciate the warning about generating a strong password and what that entails. I intend to do this as soon as I'm finished this post.
CountryGuy wrote:This is certainly not a dig at LastPass (which is a good product), but personally I feel better using a company with resources to devote to protecting my data and systems. Its why I use NIS on my home PCs vs. smaller products.
All things being relatively equal as far as performance and security, resources are definitely a factor given how quickly things move/change in the ether.
CountryGuy, I understand and appreciate what you are saying. I've had Norton security software for many years (not consecutively... I've only returned to Norton in the past two years). I know they are a reputable company with rave reviews from many technology sites (i.e. PC World; CNet) and it is for that reason that I purchased NIS 2012 and installed it on my desktop, my wife's desktop and our joint laptop. And knowing that LP offers a "free" solution which was better than nothing for the past couple of years, I had opted to go with it. But now that I have NIS which offers this protection, I'm tempted to try it out even though I said I would ride with LP since I failed to see any substantial difference in protection. But as you rightly point out... Symantec has the resources and the reputation to protect so perhaps in the end it might provide the better solution to my password protection. Thanks for your input.