The Master Password is a password that only you know and that is requested throughout the product for different purposes:
-
To decrypt the encrypted data stored in your Managers. This is its main purpose and the reason why it was created in the first place. Only your Master Password can perform this task.
-
To unlock the Main Menu or launch the mobile app if you choose to add this as an extra layer of security from the Settings.
Pocket Geek Privacy doesn’t know your Master Password. It is not stored on our servers and we have no access to it. In that case how does the “remember my Master Password” option work?
With Pocket Geek Privacy’s default settings and depending of your usage of the product, you may need to enter your Master Password every few minutes. That’s why, if it becomes tiresome and if you know that you will be on your computer for a while, next time you are asked to enter your Master Password, you may choose to check the box “Remember my Master Password for 10 minutes”.
The way this works is that your Master Password is then kept securely in an encrypted memory area of your browser. Pocket Geek Privacy’s servers still don’t have access to it at any time nor does any other server. It is kept locally on your machine.
You can configure your Security preferences in the Settings of the product to choose the length of time your Master Password is kept in memory.
On mobile also, your Master Password is, by default, required to access all sensitive data.
However, you can set up your smartphone in order to use biometric authentication instead (either your fingerprint or facial recognition depending on your device’s options). This is very convenient and doesn’t decrease the level of security. You can enable this in the Settings of your app (it will need to be enabled from your phone’s settings as well in order to work). This only takes a few seconds.
You can also configure the app in order to request the Master Password at the times and with the frequency that fit your usage best. From the Settings of the app, scroll down to the Security section and tap on “Master Password preference” to see the available options.
On iOS devices, if you choose to have your phone remember your Master Password in between launches, then dedicated storage space in Keychain will be allocated to store your Master Password locally until the next time you launch the app. Pocket Geek Privacy’s servers still don’t have access to it at any time nor does any other server. It is kept locally on your device.
The way it works on Android devices is very similar with your Master Password stored in the local Android Keystore.
It all depends on your usage and the level of security you are comfortable with. The technical solution has been vetted, but if you tend to leave your computer without locking your screen or if you lend your phone regularly to family members or have a tendency to leave it around and forget it, then we recommend that you stick with the default settings of your app. If you are an expert user and don’t want to be bothered by an extra layer of security while you already have a few in place, then you may decide to go for more convenience and usability.