Updated on Aug. 1, 2007
A quick recap
The PassPack It! button will automatically log you into a website listed in your PassPack account. Unlike browser specific plugins, the PassPack It! button will work regardless of what browser you are using. In essence, it’s a hyped-up Bookmarklet.
Is the button user specific?
Yes. Only you can use your button. Someone else’s button won’t work for you, you must use your own.
You can install it on as many computers as you’d like. There are no limits. You also have the option of activating, or deactivating, all of your buttons worldwide.
Will PassPack track what sites I connect to?
No, we’re not interested in your browsing habits. The button works off a common database that stores the URLs of recognized websites and their relative structure. The database enables the button to know how to log in to a specific website – no information on who visits that link is stored.
For security purposes, we need to be able to track down anyone who attempts to abuse the system. To help us do so, we store information that may help us identify the account that registered PassPack the site using the teaching process. No data is saved however, on those who simply visit the site, or login to it. Teaching is optional.
Can I use it without opening PassPack?
No. You must click on either the Go There button in your PassPack Entry, or the Go gutton in your password manager list (more info here). Doing this sets off a complicated process (see next question) which will allow the Button to work only for the specified website, and only for you.
How does my data get to the website?
It’s a very sophisticated process, with a bunch of twists and turns to keep hackers out. I’ll outline that process here for you to give you the general idea, but know that this is a highly simplified explanation:
- You click through to the website from your PassPack account. Your browser makes an encrypted mini-pack and sends it, together with the URL for the website, over HTTPS to the PassPack server.
- The PassPack server temporarily saves this and attaches a 100 second timer to it – like all of your data, not even PassPack staff can read it.
- Simultaneously, but in a totally separate process, the link is opened in a new browser window – not directly though, first it passes (via HTTPS) through the PassPack server which does a little obfuscation so that the receiving website doesn’t know you clicked through from PassPack, let alone an open PassPack account.
- From here, the website takes over as it normally would, acting exactly the same way as if you had manually typed in your user and password and pressed “log in”.