How To Send & Receive a Password Entry

After introducing our ideas on how privacy can evolve, Passpack quickly started making it happen. We kicked off Sharing by starting you off with Secure Messaging but we know how  necessary sending passwords can be too! You may have given it a go and sent a password entry or two to someone from your Ring of Trust – but here are a few tips and tricks in case you haven’t noticed them already.

Sending a Password Entry

After having activated Sharing in your Settings and added a select few people into your Ring of Trust, you may find yourself copying and pasting login details into your message field. Stop that right now!

Each of your password entries now comes with its very own Send to link, right underneath your tags. Choose the password entry you’d like a copy of to send, click the Send to link within your entry and a message box will appear with a drop down field of contacts from your Ring of Trust. Add a quick explanation of why you’re sending these login details –

I’ve signed up for XYZ’s trial version for the office. Could you test it out as well?”

Don’t forget that if you want to include your notes field, you’ll have to check the Include notes too under your message. Once you’re all set, press Send Now, and OK the confirmation message and an attachment of your password entry will be sent on its way.

If beowulf is in your Ring of Trust, and you want this entry in your Pack too, press OK!

And if you love the idea of sending a password entry, but have none within your pack that can be sent, why not create a whole new entry?

Click on Add New in your Password Tab, fill in all the details you want to send off, click Send to and voila – you have sent a completely new password entry to one of your contacts.

Lesson learned here: A password entry doesn’t have to be part of your Pack to be sent off.

Letting Go of Attachments

It’s important that you understand that the password entries that you send are attachments (shared and administered passwords are yet to come). When you send your colleague John, your login details to the company Delicious account, you are sending him a copy.

So what? – You may be asking. Well, once John accepts the entry, he can do whatever he likes with the details and notes you have sent him – and password! The same goes for the sender. You are not sharing an account, you simply both have the same login details for the same account. So choose your entries wisely. As they say – Keep your password entries close and your Ring of Trust closer…

It Is Better to Give AND to Receive

When you go into your Messages Tab, you may be pleasantly surprised to find that John (from your Ring of Trust) has sent you a password entry too! Here’s what to do – first off it’s always good manners to read the message before opening the gift (or in this case the attachment).

An example message sent from "John"

So you’ve read your message and want to accept the password entry. Click on the attachment (your standard paper clip) and you are given the options Refuse, Accept and Accept & Save. What to do?

Well, if you are not comfortable receiving the entry, don’t. Just press refuse. Maybe the sender’s message wasn’t convincing enough. Maybe you don’t think you need that entry. Or maybe you just want more info – in that case why not send a message asking for more info?

Don’t worry. Pressing Refuse does not delete the message from your Secure Messaging inbox. So you always have a second chance, even third as long as you don’t delete it from your inbox and as long as it hasn’t expired.

Accept and Move On

Last bit is easy. You receive a password entry, you click on the attachment, you need it and you want it in your Pack. What’s the difference between Accept and Accept & Save?

If you Accept, the entry is automatically added to your Pack, but not yet saved to your Pack. If you press Accept & Save, the entry is automatically added to your Pack AND is saved to your Pack AND all previous unsaved changes are saved as well. So it’s kind of like hitting the Save All button in your Passwords Tab.

Modify What You Have

So let’s say you receive a password entry from John, for a Basecamp account and this is the message he writes:

I’ve signed up for Basecamp’s trial version for the office. Could you test it out as well?”

You realize that you already have an Basecamp account in your name but would like to accept John’s entry as well.

Don’t even think of copying and pasting! Open the attachment, make the necessary changes so that you can identify it, such as Basecamp2 or Basecamp John (that part is up to you) and your last step is as before –  Accept or Accept & Save!

If you had pressed Accept without making any changes, your already existing Basecamp entry would NOT disappear or be replaced. You would just have 2 entries with the same name, making it more difficult for you to distinguish between your original entry and the one you have added. So it probably just makes more sense to just change the Entry Title.

Now get sending! And let us know if you have any of your own tips & tricks you want to share with us and other users!


4 responses to “How To Send & Receive a Password Entry

  1. How are the credentials stored on the server while waiting for the reciever to do something with them?

  2. @viktor The credentials are stored on the server exactly the same way Secure Messages are stored. Sending password entries are in fact a form of Secure Messaging.

    The entry is encrypted using AES encryption (like everything else that travels from your account to Passpack servers) PLUS can only be read by both sender and recipient with their RSA public and private keys (these keys are automatically generated when you activate Sharing).

    Let me know if this answers your question : )

  3. @louisevinciguerra, thanks for your reply.
    So if i understand this right, every users public key is stored on the server and the sender uses this to encrypt the message?

    Question two: How big RSA-keys are used?

  4. @viktor You are correct. The public key is stored on the server and that is what is used to encrypt the message.

    The keys are 1024bit. We were considering 2048bit but they were too heavy for Javascript.

    Hope that answers your questions : )

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s