It seems that if I close the KeeVault browser tab, the Kee plugin says ‘OFF’. Does the KeeVault tab really have to stay open all the time, or am I doing something wrong?
The Kee Vault app can only run when it is open in a browser tab. If you close the tab, when you re-open it the app loads again from scratch and you need to sign-in again.
Kee needs to be able to “talk” to the Kee Vault app in order to auto-fill your saved passwords and generate/save new passwords for you; it can only do that if Kee Vault is running.
Depending upon your operating system and web browser, you have various options to tweak this behaviour to your preference.
We’ll try to make a comprehensive list eventually (please post a reply if you have any advice/tips that you use) but for starters:
Firefox and Chrome both have a little-known feature called “Pinned tabs”. You can right-click on the Kee Vault tab and Pin it. Now it will take up far less space on your list of open tabs and be more difficult to accidentally close.
I understand that Mozilla are currently (or will very soon be) promoting this feature within Firefox. We may also promote it as part of the initial setup of Kee Vault if feedback suggests that would benefit new users.
Ok. Is there a plan to make this work like LastPass - where the extension runs without needed a LastPass tab to be open?
No plans for that at the moment. Can you help me understand the benefits of that change?
I guess with the tab pinning feature it’s not too big a deal if the tab has to remain open or not, however I noticed that one has to re-authenticate to their KeeVault every time the browser is closed/opened. I suppose this is a security feature? But what is a tad confusing, to me at least, is that there is a browser extension which is actually (seemingly) just for connecting to a source of credentials for the purpose of auto-filling. So it’s not a dedicated KeeVault extension, like the LastPass extension.
My overall thoughts on KeeVault center around comparing it to ease-of-use of LastPass, it’s features and pricing, as well as to the security, but cumbersomeness, of KeePass. Maybe my expectations are too high (the probably are), but I was hoping for something like LastPass which would be able to replace LastPass and at the same time KeePass - for which I would be willing to pay.
Essentially I would be willing to pay for a product that offered the following:
- Security of KeePass DB
- Dedicated Browser Extension for KeeVault (Chrome/Chromium, FF)
- Mobile (Android) App (with or without auto-fill)
The ability for usage in other applications (like Thunderbird) would be awesome of course (maybe something for ‘Premium’ subs ).
Yes that’s a security feature and yes the browser extension (as it always has done) connects to an external source of credentials. There are various possible ways we could at least give an illusion that this is not what the extension does, although no really quick and easy ones come to mind. A full rewrite of the extension to be able to work natively with Kee Vault data would most likely cost around £100K to develop and would come with significant ongoing costs relating to the complexity of maintaining KeePass support within the extension.
That’s not an unachievable goal in the long-term but I will be surprised if there are not better ways to reach whatever benefits come from a “Dedicated Browser Extension” (please feel free to elaborate on what that means to you; so far I think that one meaning is that you should never have to enter your master password?)
The only definite way the LastPass approach you describe could be as secure as the KeePass and Kee Vault approach to master password entry is if there is a native application installed on your computer which is always running in the background while your browser is closed. Perhaps there is a way that also relies upon their servers being online when you start your browser but I’m fairly sure that can’t be secure and it would mean that attacks on the LastPass infrastructure can adversely affect either the security or availability of your passwords. It certainly doesn’t look like either approach has the balance of security and usability that I’m aiming for with Kee Vault.
As far as the mobile app is concerned, you should be able to just install it when you load Kee Vault in your browser (Chrome works best but you should be able to muddle through with Firefox too). It works offline and has reasonable (not perfect) usability on a small screen so I think this already ticks off the 3rd bullet point? Auto-fill would be a nice feature for the future but I don’t think it will be trivial to implement.
The only way Kee Vault could work with other applications on the same computer would be if it required the installation of a native application. I won’t rule that out forever but at least for the foreseeable future I would recommend copy/paste from Kee Vault or using a separate KeePass database for these passwords - it already has integration options for various applications such as Thunderbird and Putty (SSH). Not a perfect solution I know, but I hope it’s good enough to get Kee Vault off the ground.