F-Secure KEY - Review 2022

The whole signal of using a password manager is that information technology remembers all your passwords, leaving you lot costless to alter them to complex, random values instead of weak-but-memorable ones like your dog'south proper noun, or your birthday. F-Secure KEY handles the bones task of remembering your passwords, and it can sync beyond all your Windows, macOS, Android, and iOS devices. The electric current version has added a few features since I last tested it, simply other password managers have evolved likewise, adding avant-garde features like automated password updates, secure credential sharing, and countersign inheritance. F-Secure Central offers none of these, and then it isn't gaining basis on the competition.

For $32.99 per twelvemonth, you can install F-Secure KEY on all your devices and freely sync your data amidst them. If, despite the visitor'southward assurances about the security and anonymity of your data, yous prefer not to have passwords stored in the cloud, that's fine; you don't have to sync. And if you forego cloud storage and syncing, the product is gratis. Dashlane, likewise, is free if you forego syncing. If yous want both the convenience of syncing and the security of staying away from the deject, Sticky Countersign Premium gives you the selection to sync only across your local network.

Getting Started

After a quick and uncomplicated install, F-Secure Fundamental invites you to either create a new business relationship by inbound a master password, or link your device an existing premium account. Note that yous don't enter a username or email account. Your login is bearding, authenticated by your knowledge of the master countersign and your possession of a trusted device. oneID uses a like trusted-device organization, without fifty-fifty requiring a master password. Merely where oneID lets you revoke trust for a lost device, F-Secure can't do the same, due to your account's anonymity. If you do lose a trusted device, be certain to change your master password immediately.

As yous type your main password, the rating rises from weak to moderate and all the way to strong. The rating system has improved since my final review; at that time it called the very weak "countersign" moderately strong. The current edition requires employ of all character sets and downgrades passwords that contain known words or sequences similar qwerty or 12345.

Like Keeper Password Manager & Digital Vault, Dashlane, and most competing products, F-Secure Fundamental'southward master password creation dialog points out that if yous forget the password, the company just can't assist you. Nobody at F-Secure knows your password, and nobody there can decrypt your data—even if ordered to by police force enforcement.

Of class, that leaves you up a creek if you lot practise forget the main password, just F-Secure has an unusual remedy. Once yous've created your master countersign it prompts you to save a Recovery Code, similar a QR-Code. You print the code and file it somewhere safe, perhaps in a fireproof certificate safe. If you do lose your master password, you can regain control by snapping the code with your mobile device. Clever!

Here's a warning; don't e'er get out your desk with F-Secure Primal open. A snoop could have a field day guessing your master countersign. How? On the page where you change your master password, the field for entering the old master password starts off marked Invalid. When you (or the snoop) type the correct principal central, it immediately changes to Valid. That's not adept. What should happen is that you blazon the onetime countersign, enter the new i twice, and click to make the change. Only at that point does it cheque the validity of the old master. Guessing passwords is a lot faster when the snoop gets an immediate prize for a correct guess.

Manual Password Entry

If y'all're accustomed to the automated password capture and replay offered past LogMeOnce Password Direction Suite Ultimate, RoboForm, and nigh competing products, F-Secure KEY may disappoint. Cosmos of login entries is a completely manual matter. You enter a title, username, password, and URL, forth with any notes you deem important. The easiest way to get the URL right is to navigate to the login screen and re-create it from the Accost bar.

As with KeePass, yous tin choose a colour and an icon for each entry. But unlike KeePass, F-Secure KEY doesn't let you tag, group, or otherwise organize your entries. They evidence upwardly in one big alphabetic list. In one case you assemble a few dozen, you'll find yourself using the search box quite a bit.

One way to avert all that typing is to import from an existing password manager. F-Secure KEY tin can import from LastPass, Dashlane, Symantec Norton Identity Safe, and a half-dozen others. It tin as well consign your passwords to an XML-like file. Annotation, though, that the login credentials appear equally plain text in this file; treat information technology equally highly sensitive.

Countersign Replay

If you rely on Chrome or Firefox every bit your principal browser, you can enable automated password replay. In the Settings dialog, choosing Browser autofill reveals buttons to install the Chrome and Firefox extensions. In an unusual touch, completing the installation requires copying a lengthy potency key from the settings dialog to the extension. Once the extensions are active, F-Secure puts a key icon in the username field; clicking information technology gets you a list of matching logins.

Those using Internet Explorer or another browser must select Arrangement autofill rather than Browser autofill in the Settings dialog. In the by, using this feature required pressing a special key combination. The current edition puts a fundamental icon in the username field, just as with Chrome and Firefox. However, yous can't take apply Browser autofill and Organisation autofill at once. If you switch betwixt browsers frequently, this could be tiresome.

Like Keeper, LastPass, RoboForm, and a few others, F-Secure tin manage application passwords, merely only if you've called Organization autofill. You create an application password entry just like any other entry, simply when information technology comes to the URL field you but drag and driblet the application itself. F-Secure puts a primal icon in the username field, just as it does in Internet Explorer. However, information technology lists all your logins, not just ones matching the application. Back up for awarding passwords is nice, merely it's sorry that you tin can't use it and notwithstanding autofill in Chrome and Firefox.

Password Generator and Security

If you lot install a password director just exit all your passwords gear up to "countersign" or "123456," you oasis't achieved much. You need to change those passwords to more complex ones. Hey, yous don't have to remember them, then they can be long and random. Like well-nigh competing products, F-Secure KEY offers to generate complex, random passwords for you lot.

The countersign generator becomes bachelor when you're creating or editing an entry. It lets yous cull which character types to include in the countersign: lowercase letters, capital letter letters, digits, and punctuation. All four are enabled unless you actively exclude them.

Password length is always an issue. I'k non satisfied with the eight-character passwords generated using the default settings in Norton Identity Condom. Generating thirty-character passwords by default, Myki Countersign Manager & Authenticator had the longest default, until now. However, F-Secure takes the default-length crown, creating 32-character passwords out of the box.

If you lot walk away from your desk with your password manager unlocked, an office snoop could grab your individual data. Similar most password managers, F-Secure KEY tin can automatically lock up after a period of inactivity. By default, it locks after five minutes. The other choices are an odd collection: 30 minutes, threescore minutes, x hours, or 1 week.

Sync and Mobile

Syncing across multiple devices is a fantastic feature for those of us who don't just stick to the desktop. Yeah, the PC or Mac desktop is best for creating password entries. Once they're created, y'all tin can say bye to the onerous task of typing "3ephADE@&anE(>k" on a diminutive smartphone keyboard.

Some countersign managers crave special authorization to sync with a new device, such as entering a verification code sent to your smartphone or e-mail. F-Secure Central does things a bit differently. You lot commencement by installing the product on the device of your choice and, when prompted, choosing to connect rather than create a new account. Note that while the app appears in the Apple Shop and Play Store, Mac users must download direct from F-Secure.

Back on the original device, you generate a synchronization lawmaking, which is valid for threescore seconds. Enter that code on the new device, enter your main password, and yous're connected. From now on, changes and additions fabricated on one device sync to all of them. Yous can simply add a new device for syncing if you lot're logged in on an existing trusted device.

On the Apple tree MacBook Air xiii-Inch I used for testing, the app looked nearly identical to the Windows edition. It even offered Browser autofill for Chrome and Firefox, System autofill for other browsers. Nevertheless, in testing I institute that organisation autofill doesn't work, and my company contact confirmed that the product just supports Chrome and Firefox on the Mac.

For mobile testing, I installed the app on an Apple tree iPhone SE and a Moto G5 Plus. The product'due south appearance on both mobile platforms looked much like its Windows incarnation, with 1 large exception. In improver to the alphabetic list of logins, a Favorites page displays up to eight of your favorite logins, icon-only, in a ring. New since my last review, your favorite selections at present sync between devices. You can authenticate with a fingerprint on mobile devices that support it.

On Android devices, F-Secure Fundamental installs a special keyboard input method that allows information technology to make full login credentials in the browser. Yous tap the icon for an entry, which opens information technology in the browser. Then you select the special keyboard and tap the button corresponding to the proper name of the entry. In testing on a Motorola Moto G5 Plus, I plant no way to activate the alternate keyboard, fifty-fifty after consulting the F-Secure knowledge base. I have seen this characteristic working on other Android devices, even so.

Dashlane, LastPass, Sticky Password, and others manage to fill up credentials under iOS by adding to the Share icon card. Another common selection is to offer a browser inside the password director. F-Secure Key does neither, though iOS users can fill credentials using copy and paste. My F-Secure contacts tell me they program to improve this for iOS 12.

On mobile devices only, F-Secure offers Breach alerts. These alerts provide notification when a pop website has been hacked or otherwise breached. Naturally y'all should modify your countersign for any breached site. There's also a handy icon to share the warning via social media.

Password Status

New since my last review, F-Secure Central offers a simple countersign status report. It lists all saved passwords and flags them as Strong, Moderate, or Weak. Y'all can click to see passwords matching merely one of those ratings, or to come across passwords that you lot've used more than once. The status check besides flags common passwords; if you use "password" for a site, you'll get zinged.

You don't get help with improving weak or duplicate passwords, other than a button that opens the site'south data for editing inside the password manager. What you must exercise is log into the site and navigate to the password change folio. Then generate a new countersign within the editor, and paste that password into the password modify folio. Countersign Dominate Premium and RoboForm, among others, brand things a flake easier. You click a link to go to the site's password modify page, and the password manager captures your modify.

Dashlane, LogMeOnce, and LastPass take the concept of fixing weak passwords to the next level. For supported websites, these products can totally automate the password change procedure, making the change online and recording it in the password collection. Keeper Password Manager & Digital Vault offers one-click updates once y'all navigate to the password-change page, but, according to the designers, its cypher-knowledge policy precludes totally automating the procedure.

Credit Card Storage

Filling in your username and countersign on a login page isn't much different from filling in your personal data on a shopping site's web class. Many password managers offering automatic form filling, to one degree or some other. RoboForm Everywhere is the long-fourth dimension master here, offering multiple identities and multiple values for each data field. Dashlane likewise does well, putting a menu of options right adjacent to the fields y'all're filling.

With the current version, F-Secure KEY dips a toe into personal data storage. Specifically, you can utilise information technology to save whatsoever number of credit cards. It even includes icons for the major credit card types. Disappointingly, all information technology does is shop and sync the data. Using that data to fill up a spider web form is a thing of copy and paste.

What's Not Here

Since my last review, F-Secure Key has added a basic password-rating system, merely not the automated password update featured in a few other products. It now stores credit card data, just doesn't employ it to aid you fill up spider web forms. And where most password managers automate the process of capturing passwords as you log in, F-Secure still requires y'all to create password records by manus.

Countersign Dominate, AgileBits 1Password, and most of the summit countersign managers include a provision to securely share credentials with a trusted partner or friend. In some cases, y'all can share use of the password without making it visible. In others, sharing is two-way, so your partner's changes sync back to your ain account. Secure sharing isn't a feature of F-Secure KEY.

On a related (only grimmer) notation, some products provide for handing passwords to your heir in the event of your death. LastPass, DashLane, and LogMeOnce are amongst the few that offer this feature. Typically, there's a waiting period before inheritance, to forestall an heir from jumping the gun. Zoho Vault works a scrap differently, allowing an ambassador to accept control of a departing employee's work-related passwords. Password inheritance, too, isn't something you get from F-Secure.

When I final reviewed this production, all you got for back up was an online FAQ and community discussion pages. I'm pleased to run across that F-Secure now offers alive chat back up.

Good, Not Great

F-Secure Key performs the basic tasks a countersign manager should, though information technology doesn't automate password capture. The company has a cracking reputation for security, and the current version has added a few new touches since my last review. The problem is, the competition has been evolving besides. The all-time countersign managers, even the free ones, do things that this product doesn't. Keeper Password Managing director & Digital Vault costs a bit less than F-Secure KEY, and Dashlane doesn't cost much more. Keeper and Dashlane take Editors' Selection honors for full-featured password management.

Source: https://sea.pcmag.com/f-secure-key/28306/f-secure-key

Posted by: ellisbelve1990.blogspot.com

Share this post