Bluink Blog

A Better Way to Manage Passwords

Posted by Larry Hamid · 496 words, and it’s got 0 comments for now.

Years ago, after a long, unsuccessful search for a solution to my growing password problem, Bluink Key was conceived.

Everything I saw on the market turned me off for multiple reasons.

The first reason was the biggest: Every consumer-grade password manager wanted to happily take all of my passwords and store them in the cloud alongside everyone else's, creating one big, juicy target. This is the last place I would want my passwords, even if I could trust a third party to keep them absolutely safe. My secrets belong with me and only me. Password managers at the time were also doing a terrible job of protecting the data that they hosted. They’ve gotten better, but only after suffering numerous data breaches.

The second reason is that most password solutions would only work in a supported browser, where some sort of plugin or extension had to be installed. The browser is not a place I wanted my passwords to be accessed and manipulated, since browsers have literally been a playground for malicious software. Just this week, a “major architectural problem” was discovered in the browser-based password manager, LastPass, which allows websites to steal passwords and execute malicious code on users’ computers. If you're interested, this paper digs into some of the ugly details of similar solutions.

These two reasons alone kept me from even considering a commercially available solution, but I also had my own wish list:

1. I want my secrets to be with me all the time, not managed by a third party

2. I want full portability: any machine and any operating system without installing software

3. I want it to work with any application (machine logins, full disk encryption, terminals, etc.), not just a website login

4. I want it to be automated

I realized that if I wanted my wish list, I'd have to build it myself. I had a smartphone at the time, and I knew it was the best option to use as the basis of the solution for the foreseeable future. And so Bluink Key was born. Not only did I get my wish list, but it's been getting better ever since.

Simon Jones, tech communications strategist, says that “the single greatest point of vulnerability is now the password managers. Once that’s defeated, you’re giving hackers the keys to the kingdom. Therefore, ordinary users have fewer secure options than ever. The concept of keeping my passwords close – in an encrypted format – yet also being easily accessible, is the way to go.”

Seriously, in a world where options are narrowing, Bluink Key is extremely relevant. It gives me the convenience I want with the security I need.