Chat support available. Click the chat icon on the bottom right corner to start chatting with us right away!

mSecure Support

Knowledge Base Forums Submit a ticket

Oh How I Love mSecure 4 and mBackup

I just tested mSecure 4 on iPad with OS 13.1, and it still works as far as I can tell.  I would easily pay 20.00 to have an updated standalone iOS mSecure and an updated mBackup. Please never take mSecure 4 out of my iOS Purchased Items.  I wish you would separately sell a version through the App Store that did not require any vendor account.  Give it whatever version number you have to, but give us the option to pay you for a solid iOS application that can easily be backed up to a local computer.  mBackup was a beautiful solution.  Even though it has not been updated in maybe 7 years, it still works for me.  

Hi Jeff,

We do not control your iOS purchases or App Store purchases and would never take anything out of your purchase history. mBackup is a free backup utility that has not been updated in over 6-8 years. mBackup will no longer work on Mac soon and it's likely to eventually not work on Windows either. Also, please note that mSecure 3 for Mac and Windows does everything that mBackup does and a lot more. If you use mSecure 3 on Mac or Windows, there is no reason whatsoever to use mBackup as well.

All that said, can you let me know what your specific issue is with having to create an mSecure account for our latest app? Our account system is used as a licensing system. It allows us to sell mSecure 5 as a single one-time purchase that let's you use the app on Android, iOS, Mac, and Windows on as many devices as you would like. Prior to our mSecure account system, customers had to purchase mSecure separately on each platform and go through different licensing systems (app stores and license/serial numbers). Additionally the mSecure account password is not used to encrypt your mSecure information (a unique random account key is used instead) and you are always fully in control on where or how to sync or store your information in mSecure 5. With mSecure 5, you can select to use our mSecure Cloud, iCloud, Dropbox, WiFi syncing or no syncing at all. 

I'm happy to provide you more information about our mSecure account or mSecure 5 system(s) or security. In the meantime, you can learn more about it here:

Thanks for your response.  I have studied password managers more extensively than I should.  I have only ever owned the iOS version. I never wanted the other versions.  That's why mBackup was so great.  All I need is a password keeper that is local to my phone, but which I can back up from the iOS app itself.  I use both mBackup and email Backup.   However, mBackup made it possible to print a hard copy of my passwords periodically and put the document in my vault.  I wouldn't mind having an account if it didn't require me to make the account password and the master password the same.  Regardless of your random account key, I want a client side master password not known to you.  There has to be another way for you to manage licenses.  I guess I realize that, eventually, I won't be able to use mSecure 4, but each year I get to use it is a year in which I don't have to transition to another password manager.  The closest thing I have found to what I want is Strongbox for iOS.  Take a look at it.  That is what mSecure 4 offered me.  I was simply bemoaning the fact that you will probably never offer a standalone iOS purchase that replicates the way in which I have used mSecure 4.  I would pay for it, and, if you look at Strongbox, which is an interesting product, you will see that there is a market for what I want.  I would even subscribe on a yearly basis to an iOS product that did not require me to have an account with you.  I understand this will never happen.  It's too bad, but it's been a good run.  I personally require a standalone app that is not dependent in any manner on an account system.

Hi Jeff,

Thank you for your feedback here. Please note that we don't know anyone's account password. An account system where we know a user's account password would be the worst possible thing and we would have already had our servers cracked, compromised, and this would have been public long ago. So, just to provide the information in the security article I linked you to:

Encrypted from End to End.

Every time you use mSecure, your data is encrypted before a single byte ever leaves your devices. Your account key (encryption key) is protected by your Account Password and neither is ever stored on our server, so only you have the keys to unlock your secrets.

Double Protected

Our security recipe starts with AES-256 bit encryption and uses multiple techniques to protect your data at rest and in transit.

Account Password
Not just the password you use to unlock the app, it also plays a key role in encryption. Only you know your Account Password.

Account Key
Also a star player in key derivation, this unique 46 character identifier is generated locally on your device. Only you have your Account Key.

Account Key: Better than Two Factor.

Security professionals recommend using multiple authentication factors: “something you know”, like your password, and “something you have”, like an authenticator app on your phone.

The Account Key takes this idea to the next level. It doesn’t just authenticate you with our servers; it also plays a direct role in encrypting your data. That’s important, because it strengthens your Account Password exponentially. And since it never gets sent to us, your Account Key can’t be reset, intercepted, or evaded.

To be sure, keeping your data secure is a complex process, but the most important point is this: Your information is never in a readable/decrypted state outside of the mSecure app running locally on your device.

Eden. One last question. If a master account password is changed, does the account key /QR code remain the same. In other words, is it only a full account reset that will lead to a new account key. Thanks for your info.

Hi Jeff,

When you change your account password, the encrypted account key or QR code image changes as well. That is, the account key does not change. However, what's used to encrypt the key changes so a new encrypted account key and QR code are created locally on your device(s) using the new account password to encrypt the existing account key. In other words, only a full account reset will lead to a new account key being created on a device.

Login or Signup to post a comment