Comments on: Google Keeps Your Secrets Safe on Your Android Phone

By: Airlines.

Airlines. — Sun, 21 Feb 2010 19:55:48 +0000

Hawaiin airlines....

Southwest airlines. Continental airlines....

By: Charbax

Charbax — Mon, 13 Apr 2009 16:01:27 +0000

OpenID is cool, and I think Google FriendConnect looks very promising. Though 95% of forums and other types of online communities do not support OpenID yet, though they all have standard username/password logins, and they often run standard systems so Google could automate the password changing feature to store such unique passwords for each site centrally. The worst security problem on the Internet I think is that people often use the same password across dozens and dozens of online communities which they are members of. So Google should provide somekind of toolbar in Chrome, in a Firefox plugin and on Android browsers, which would manage all your online identities all with one central password.

By: Marc Seeger

Marc Seeger — Mon, 13 Apr 2009 14:17:22 +0000

At the moment, > 40000 sites accept OpenID (" target="_blank">http://blog.janrain.com/2009/04/relying-party-sta... And if you've got an account at any of those services, you already have an OpenID: Google, Myspace, MS Live, Yahoo!, Blogger, AOL/AIM, Live Journal, Flickr, ... It also is generally NOT a good idea to chose a "simpler" password/pincode for the account that controls ALL of your other accounts. In cryptography, a chain is also only as weak as its weakest link But you are right: In general, a good "identity management" solution is really needed on the net. Facebook Connect is kinda lame because it's only limited to Facebook, MS Cardspace has really solid fundamentals and uses good crypto (WS-* family) but OpenID is the only standard that is actually open and people can set up their own OpenID Providers easily on e.g. their own domain.

By: Charbax

Charbax — Mon, 13 Apr 2009 14:07:00 +0000

Very few sites support OpenID. I want Google to go and take care of all user accounts on any site that uses Username/Password for authentification. Basically what Google then does, is to log-in for you automatically when you go on those sites using Chrome, Android browser or whatever device where it knows it's you that is using it, eventually asking you for the Google Account password or some other shorter pin code each time.

By: Marc Seeger

Marc Seeger — Mon, 13 Apr 2009 14:01:20 +0000

that's basically what openID is for Google is even an openID provider, so you can use e.g. your google account to log into sites supporting openid...

By: Charbax

Charbax — Mon, 13 Apr 2009 13:56:14 +0000

Yup, I'd like one Google account password to access all my online identities, and not only the ones compatible with FriendConnect. Basically, I would like Google to scan the whole Internet and tell me where it thinks I have an account on forums, community sites and other stuff, I try to enter each password, or get the forgotten passwords emailed to my Gmail, and Google should then change the password to a very strong and unique password for each different site that I am a member of. And store them all behind the Google Accounts wall. So I only need to remember one password for all my online identities.

By: John

John — Sun, 12 Apr 2009 12:39:01 +0000

Hi Roger, Do you think Secrets will eventually do cloud computing? I'd like to be able to access my secrets through a browser as well, like with gmail and google calendar. Or are the security risks too daunting?

By: Daniel

Daniel — Fri, 10 Apr 2009 12:36:35 +0000

Thanks a lot, can't believe I missed this app.

By: Wayne

Wayne — Fri, 10 Apr 2009 03:48:23 +0000

Daniel, Take a look at this...it seems to have recieved some high marks... " target="_blank">http://www.cyrket.com/package/com.schwimmer.andro...

By: Roger Tawa

Roger Tawa — Thu, 09 Apr 2009 03:42:22 +0000

Hi there, I am the author of Secrets. Thanks for writing about my app on your site. To answer Marc Seeger, I am employed by Google, but I developed this application on my own in order to learn to write Android apps and to share my experience. Google retains the copyright of app, and hence the Google Open source blog post. But you are correct that this app is not tied to any Google services (for the moment anyway). To answer Dave's question, there are several "password management" type apps for the Android, but I believe they are not all the same. I encourage you to try many of them and see which one appeals to you most.

By: Marc Seeger

Marc Seeger — Wed, 08 Apr 2009 19:37:24 +0000

Does this actually have anything to do with google? The project owner has the nick "rogerta" and the package name doesn't seem to be googlish (package="net.tawacentral.roger.secrets")

By: Dave

Dave — Wed, 08 Apr 2009 18:44:42 +0000

There is a free app already in the market for a long time called Password Safe that does the same thing?

By: Will Bout

Will Bout — Wed, 08 Apr 2009 18:01:33 +0000

This is a really great idea. I cant wait until it comes out. I am using AK notepad for that stuff right now and i feel "vulnerable".

By: Daniel

Daniel — Wed, 08 Apr 2009 16:55:18 +0000

It would be nice if someone makes a way to secure pictures! Last thing I need is friends jumping onto my phone and looking at messages or pictures.