There's an option that can be set for an individual login to require the user to reenter the Identify Safe password before IS will fill in the site's user id and password. I believe this is supposed to provide additional security for the sites it's enabled for--someone who gets access to the machine while IS is active still won't be able to fill in the user ID and password for the site in question.
However, there's nothing to stop someone from simply going into IS setup and turning off this option site by site. So is the feature really providing any additional security?
There's an option that can be set for an individual login to require the user to reenter the Identify Safe password before IS will fill in the site's user id and password. I believe this is supposed to provide additional security for the sites it's enabled for--someone who gets access to the machine while IS is active still won't be able to fill in the user ID and password for the site in question.
However, there's nothing to stop someone from simply going into IS setup and turning off this option site by site. So is the feature really providing any additional security?
Thanks.
Have you attempted to do what you suggest?
If I opt for the "ask for my password before filling out a login or form" under the Password & Security setting and apply it and then later go back to that option to change it back, it asks me for a password before I can change it.
If that is not what you are asking - please explain what you are asking - I'm not sure I understand the site by site portion of your question.
That's not what I'm referring to. I'm referring to the option to REQUIRE THAT YOU ENTER THE IDENTIFY SAFE PASSWORD A SECOND TIME for a site you want extra security for. You enable it via Edit logins / <go to login in question> / check "Require Identity Safe password before filling". Once it's enabled, you get asked for your Identify Safe password again when you visit that site even though you have previously entered it for Identity Safe in general. However, you can get around this by just going back via the path I listed and turning the option off again for that site. You don't need to enter the Identity Safe password to turn the option off for a site that has it enabled.
There's an option that can be set for an individual login to require the user to reenter the Identify Safe password before IS will fill in the site's user id and password. I believe this is supposed to provide additional security for the sites it's enabled for--someone who gets access to the machine while IS is active still won't be able to fill in the user ID and password for the site in question.
However, there's nothing to stop someone from simply going into IS setup and turning off this option site by site. So is the feature really providing any additional security?
To answer your question. IMHO ~ No. Once your Logged In to Identity Safe your Log In Creds are an open book. Just assume that fact and act accordingly. If you walk away. Log Off or set ID Safe to Auto Log Off if computer is inactive for xx min. Or, best practice if you walk away. Suspend your computer | sleep mode.
ID Safe has Ask for my password upon resuming from suspend. ID Safe prompts you for your Identity Safe password when your system restores from suspended state.
This option prevents misuse of your Identity Safe data by validating your Identity Safe password each time your system restores from suspended state.
You may also opt to Password protect your cards and Password protect your Settings.
But, as you know... if your Logged In to ID Safe your Log In creds are an open book.
There's an option that can be set for an individual login to require the user to reenter the Identify Safe password before IS will fill in the site's user id and password. I believe this is supposed to provide additional security for the sites it's enabled for--someone who gets access to the machine while IS is active still won't be able to fill in the user ID and password for the site in question.
However, there's nothing to stop someone from simply going into IS setup and turning off this option site by site. So is the feature really providing any additional security?
The important issue here though, is actually this:
rlsanders wrote:
However, there's nothing to stop someone from simply going into IS setup and turning off this option site by site. So is the feature really providing any additional security?
Physical access to your computer is something that is beyond Norton's control. If you're in an environment where more than one person can physically access your computer, then make yourself acquainted with the keyboard shortcut that locks your Windows account: (Windows key + L). Thus, when you need to leave the computer, for whatever reason, always ensure that you use the Windows key + L key combination to lock your user account; this will prevent unauthorised access to your Identity Safe info and all other personal documents/photos/videos that you have stored under your user account...