Chat support available. Click the chat icon on the bottom right corner to start chatting with us right away!

mSecure Support

Knowledge Base Forums Submit a ticket

Secret Account Password?

Hello,


I am looking at migrating from an earlier version to something new and since I always have liked mSecure I am considering movie to version 5. Now there is one thing that bother me, my own Account password is used to encrypt my data locally, but that password is also used to login to my account on your servers, I am for example unable to change my account password on my host which has must outing traffic disable for security reasons, it must send the password to your servers before I am allowed to change it.


Could you please explain why I would want mSecure software to have my private password for my encrypted data without any option to keep it local? Would it not be a good thing to allow us to key this password for ourself and have another password for the account, and allow to change the password without connecting to your servers?


Regards



Hi Henrik,

Thank you for contacting us. First, I'd like to start by letting you know we understand your security concerns. However, I'd like to provide you information about our system so that you are better informed. mSecure 5 is the first and only version of mSecure to use an account system. We made this move in order to have a centralized licensing system. With an account system, we now have the ability to offer the app as a single purchase instead of requiring user to purchase the app on each platform available. 


Now to the main security concerns:

  1. We do not store your account password in our system. No decent modern account system would.
  2. We do not log password information. I mention this because Facebook just got caught doing this and it cause millions of user passwords to be available in plain text.
  3. We do not encrypt your data locally or in our system using your account password.
  4. We use a separate account password that we call an account key for your data encryption both locally and in our system.
    • Data is only stored in our system if you select to use our mSecure Cloud. You have the option to use our mSecure Cloud, Dropbox, iCloud (Apple devices only), WiFi syncing, or disable syncing altogether.
  5. The account key is a  random 46 character long password that is created locally on your device when you first sign up for an mSecure account in mSecure 5 or after you sign in for the first time to an mSecure account created on our main website (https://www.msecure.com) in mSecure 5.
  6. This account key is only available to you locally. However, we do send you the account key in an encrypted form via email. This is to prevent you from losing this very important key.
    • We also store an encrypted version of your account key on iCloud Drive if using iOS/Mac, using Google Backups if using Android, and using Web Credential Manager if using Windows. This allows mSecure 5 on your devices to try to authenticate your account automatically and prevents users from losing the most valuable key needed for our app.
    • The account key is encrypted with your account password


So how does the system work then? As mentioned, when you first sign up for an account in mSecure 5 or sign in to an mSecure account for the first time in mSecure 5, mSecure 5 on your device generates a super secure password mentioned above that we call an “Account Key.” We then take a known piece of text (it doesn’t really matter what the text is, but it happens to be a copyright notice) and encrypt it with your account key. The encrypted text is then stored in your mSecure account on our system. 


To be clear, this is not the account key itself; it’s a known piece of text that has been encrypted with the account key. We then encrypt the account key with your account password – the password you .use to unlock the app – and store it in the mSecure database locally on your device. We then send you an “mSecure Authentication” email that contains your encrypted account key (This encrypted account key is displayed in the form of a QR code as well), which is required to authenticate you as the owner of your account.


Once signed in, when you unlock mSecure 5 on your device, mSecure reads the encrypted account key out of your local database and decrypts the account key with your account password. This is why you don’t need to use the QR code each time you launch mSecure. When you want to install and use mSecure on a new device, we require you to sign in with your email and account password then ask you for the QR code (if one of the automated authentication options does work or is not set up). mSecure reads in the encrypted account key from the QR code or encrypted account key text available via email, decrypts the data in the QR code or encrypted account key text with your account password then downloads the known piece of text mentioned earlier from your mSecure account. 


Once the known piece of text is downloaded, mSecure attempts to decrypt the known piece of text with the account key, and, if the decryption is successful, mSecure will authenticate locally on your device.  After being authenticated, mSecure downloads the rest of your data that is also encrypted with your account key from your sync method of choice (additional sync setup might be required). After the data is downloaded using your sync method of choice (additional sync setup might be required), your data can finally be decrypted with the account key locally on your device and saved locally.



Questions you might have:

  1. What happens when I change my account password?
    • As previously mentioned, your account key is encrypted with your account password. When you change your account password, you are changing this encrypted account key (not the account key itself). This change happens locally on your device and a new encrypted account QR code email is sent out. 
    • Depending on the state of the app on other devices (note the device you made the change on) might require you to unlock the app using the old account password first (or simply use any biometric unlock option). Afterwards, the app on other devices will require the new account password in order to be unlocked.
    • The new QR code or encrypted account key will be needed moving forward to sign in and authenticate your account.
  2. Why send out an email?
    • Ideally, we would prefer not to and are working to change this in the future. For now, we rely on the encrypted account key email to ensure that customers do not easily lose their keys.
    • Most modern email servers use decent TLS/SSL encryption and verify header information. That and the fact that what is sent is encrypted gives us confidence about using this method.
    • In the future we will either solely rely on the automated authentication processes already in place along with the ability to save the QR code locally directly from the app or we will make the email an opt-in option
  3. Can I generate my own account key? 
    • No
    • This could change in the future, but we have no plans currently to allow users to generate their own key. 


I hope all this information helps you. Please be aware that the account password is not what encrypts your mSecure information in mSecure 5 and we also allow you to choose between a variety of syncing options. You do not have to store any information in our system if you do not choose to. Please feel free to ask any questions you might have. I can always explain things further or try to simplify/condense things if needed.


Login or Signup to post a comment