Poll: Would you like a "Panic button" service to lock down your online accounts?

23 points by petenixey over 13 years ago

A few years ago I was one of the founders of Clickpass which offered a consumer single-sign-on service. There were lots of challenges with it. One of the overarching problems though was monetisation. It's very hard to make revenue from such a service and therefore to improve it.

Long after the company had been acquired I kept thinking about security and it occurred to me that one of the fears after an attack is worrying "what else is vulnerable". Your GMail account is compromised, what does someone get into next?

It occurred to me that it might be useful to have a "Panic button" or "Deadbolt" service which you could quickly access (after suitable authentication) and which would immediately lock down all your accounts, change their passwords and prevent any cascading attacks. You could pre-register all your accounts, even the esoteric ones you might normally forget and lock them all in via a single SMS (or similar).

I'm interested in what the sentiment of the developer community is. Is this something you would want?

23 comments

Tloewald over 13 years ago

The devil is in the details, I think. What you're describing seems like something that adds insecurity (single point of failure, etc.). The overarching idea is a good one, and if you can reframe it so that it gives comfort to technical users (who will then become your evangelists) you may have a winner.

I think ideally it needs to solve more than one problem, e.g. make it easier for websites to handle user accounts or avoid having to handle them while not being Facebook or Twitter.
arkitaip over 13 years ago

No, I wouldn't be comfortable with a single hosted service having access to all my passwords. All eggs in the same basket, you know. My Google Account - my single most important account - uses two-factor authentication so I feel fairly content with that.
kls over 13 years ago

I think there is a market for it. The other poster does have a point though: it is a single point of failure, from your site being compromised, point of view. You would have to think very hard about security, like a 2 phased strategy or something like that, where all the passwords are stored encrypted and your service does not have the key; the lock-down code could be the key that the user provides to unencrypt the passwords and site URLs they go to.

The other option would be to make it a client side app, where they store the passwords locally and are responsible for their own security.

I don't know what your market looks like in terms of pay or free. I know I would not pay for it, but I am not many people's target market. I am usually an outlier when it comes to user demographics.
MrEnigma over 13 years ago

I think the only way I'd feel comfortable is if somehow all the apps I used used a standard way of locking down the account without needing the password.

The thought of another service keeping my password in a reversible fashion, and transmitting that, scares me a lot.
bradleyland over 13 years ago

This is an interesting concept. Once upon a time, there was big money to be made in a similar service for credit cards. You'd register your cards with this company and pay them an annual fee (usually around $20). If your wallet or cards were stolen, you could call their number and they'd call to freeze all your cards. The business was a bit scammy for a few reasons: the way they marketed being a key one; most CC companies won't/can't hold the card holder responsible for fraud anyway because of consumer protection laws, so the service was largely unnecessary. There was a lot of drama in that market at one point. Some light reading can be found here: http://www.google.com/search?q=safecard+services

So back to your service. I think there's real value here. I'm security conscious. I use a password manager (1Password) and make full use of its features. I use a strong master password, but I still fear the day my laptop or iPhone are stolen. I worry that they'll find an exploit or some means to get to my password data, at which point I'm screwed. I would like to have the ability to lock down my most sensitive accounts in the event of a security breach.

The primary friction revolves around trust. In order to reset my passwords, you'd need my account info. That means my data would be in yet another centralized location. This is bad practice. My password manager is a necessary evil. Your service would be another necessary evil. I'm not sure how you'll get past that.
petenixey over 13 years ago

This is a far more enthusiastic response than I expected to this service. Just to note I'm not (currently) planning on building this service although given the demand maybe I should be.

There are a few interesting points that have come out of this:

1. I anticipated this service appealing to someone who's afraid of computers, I did not expect such a bullish response from people who are very much in control of their machines

2. There is very good (real world) precedent for this in Lifelock who sell a somewhat shady service which packages up some free services the US government offers and then resells them as a package to consumers. The company is KP backed and has made a fortune from this.

3. People have mentioned this being a potential one-key-to-rule-them-all security vulnerability. While storing your passwords anywhere is a vulnerability, this particular one already exists in the form of "forgotten password". Most (but not all) accounts have a "forgotten password" facility which sends a login to your email. Access your email and you've accessed everything with a "forgotten password" facility

4. I believe that as @tylermenezes pointed out, one could avoid storing unencrypted passwords by using your deadbolt password as a two-way encryption key.

It would be interesting to hear the thoughts of security experts on such a solution.
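
The design raised in kls's comment and in point 4 above (the service holds only ciphertext, and the user's deadbolt code is the key) can be sketched as follows. This is an added example, not code from anyone in the thread; the function names, record layout, AAD label and scrypt parameters are assumptions.

```javascript
// Added example: the service persists only salt, nonce, ciphertext and tag.
// The deadbolt code is never stored, so a database leak alone yields no passwords.
const crypto = require('node:crypto');

// scrypt cost parameters are assumptions for this sketch; tune for your hardware.
const KDF = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
const AAD = Buffer.from('deadbolt-vault-v1'); // hypothetical record label

// Constructed sample data, not real accounts.
const SAMPLE_ACCOUNTS = [
  { site: 'mail.example', user: 'alice', password: 'constructed-pw-1' },
  { site: 'bank.example', user: 'alice', password: 'constructed-pw-2' },
];

function deriveKey(deadboltCode, salt) {
  return crypto.scryptSync(deadboltCode.normalize('NFKC'), salt, 32, KDF);
}

// Runs on the user's device at enrolment; the returned record is all the server keeps.
function sealVault(deadboltCode, accounts) {
  const salt = crypto.randomBytes(16);
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(deadboltCode, salt), nonce);
  cipher.setAAD(AAD);
  const ct = Buffer.concat([cipher.update(JSON.stringify(accounts), 'utf8'), cipher.final()]);
  const b64 = (buf) => buf.toString('base64');
  return { salt: b64(salt), nonce: b64(nonce), ct: b64(ct), tag: b64(cipher.getAuthTag()) };
}

// Runs when the button is pressed. Returns null for a wrong code or a tampered
// record: GCM tag verification fails in final() before any plaintext is used.
function openVault(deadboltCode, record) {
  const raw = (s) => Buffer.from(s, 'base64');
  const key = deriveKey(deadboltCode, raw(record.salt));
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, raw(record.nonce));
  decipher.setAAD(AAD);
  decipher.setAuthTag(raw(record.tag));
  try {
    const pt = Buffer.concat([decipher.update(raw(record.ct)), decipher.final()]);
    return JSON.parse(pt.toString('utf8'));
  } catch {
    return null;
  }
}
```

The protection is only as strong as the deadbolt code: a short code that fits in an SMS can be guessed offline by anyone who obtains the stored record, so the code needs passphrase-level entropy.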
stingraycharles over 13 years ago

Recently my laptop was stolen and I needed to immediately lock down all my online accounts, since I had to assume they were all compromised. It was a very stressful and time consuming task, and I even forgot about a few.

The service you describe is exactly what I've been looking for ever since, but the big problem is establishing trust. Being a for-money service would increase that trust for me.
mikegreenberg over 13 years ago

I think it's a great idea, actually. No matter how secure your online identity is, I could see a useful service where you can control/limit access from a centralized location. I'm not certain I could justify that price for just this lone feature (particularly for someone who is already meticulous about their identity management).

I'm actually working on a privacy-centric solution in a similar vein (though I didn't quite have this feature in mind) and have a few ideas on how something like this might be monetized. I intend to pursue these ideas myself, but happy to discuss some of them with you over email, if you're interested.

If you are, <my initials> (at) nobulb.com should do the trick. :)
msluyter over 13 years ago

If said service requires passwords to all of my accounts, then, no, for reasons others have mentioned.

But what about a slightly different model: Panic Button service makes deals with Facebook, Google, & other big players[1] which create channels for Panic Button to be able to contact them and change passwords or lock accounts on behalf of a user, but Panic Button doesn't actually store passwords for these services?

When a user wants a lockout, they contact the Panic Button service, via at least 2-factor authentication, possibly more.

[1] No doubt rather difficult.
ams6110 over 13 years ago

I voted "No" but you're really asking in the wrong place. I already use a different password on all my accounts and they are only stored in one place, my head.

Your target customer is more the savvy "consumer" computer user, the same sort of person who might subscribe to a service like LifeLock. A person who is aware of the need but not familiar enough with how security works to be confident in doing it themselves.
mrtron over 13 years ago

It sounds good...but is an iceberg type of problem.

How do you activate the deadbolt without giving the ability to someone with my phone to do so?

How do you store all of my most important passwords? I don't care if someone compromises my facebook account nearly as much as bank account. Is it a bigger risk giving this single point access to all of my most important accounts?
jellicle over 13 years ago

The key is trust. Your company, should it be successful, would be "attacked" by the United States government. The attack would come in the form of a couple of well-dressed men in suits carrying badges but no guns, who would make an appointment, show up on time, and proceed to lay out the benefits to you of a cooperative agreement with the United States of America. They would perhaps be armed with one or more laws which would further encourage you, and those same laws would also prevent you from disclosing (even if you wished it, which you might not) that you've made that deal.

I would be interested in a service allowing me to change all my passwords at once. That's valuable. But not if it just makes my security worse. Trust in the company would be a major major factor. Ideally the company would be run by some known cypherpunk or other person who is morally opposed to making that deal with the government, and physically located in Switzerland or some other country where instant compliance with the United States government is less likely.

Your company and employees should also be bonded for some ludicrous amount of money, for damages resulting from any breach of your security, including intentional ones...

If your hypothetical company was incorporated in Delaware, headquartered in California, and run by some random guys who hope to win the startup lottery and sell out to McAfee or Symantec or whoever, then I can't imagine ever using your service at any price - I would perceive it as adding negative value (adding insecurity without adding security), so it would be something you'd have to pay me to use.
mrmekon over 13 years ago

I would never give one online service write permissions to all of my other online services.

I would consider using something like this if it were entirely self-hosted, and open-source. I already avoid single-sign-on; I would also avoid single-sign-off.
dunk010 over 13 years ago

It weakens your security overall, as it provides another vector of attack.
aniketpant over 13 years ago

Trust will play a major role over here. But a service of this sort would be a great thing.

Very much required in times like these.
missing_cipher over 13 years ago

I would prefer a listing of associated accounts in case I forget one. But then again, that's another potential vulnerability...
andreyvit over 13 years ago

Would pay even more for a service that can be used to periodically change my passwords on all sites (not only in emergency).
barrkel over 13 years ago

It would have to be an open-source, client-side only application. That's the only way I could consider trusting it.
deepkut over 13 years ago

Yes. Though I wouldn't pay for it. I have friends who would, but they're a bit more paranoid than I am.
LXicon over 13 years ago

i would be too worried that it would get triggered by accident or that someone would pretend to be me and hit the "panic button". i could imagine being on vacation and suddenly being locked out from all my stuff. it's bad enough when my bank card gets flagged.
alexis-d over 13 years ago

Yes, but I'll never trust a company enough to give it all my login infos.
karmajunkie over 13 years ago

yes—i'd probably buy it if only for the insurance, though I doubt if i'd use it without a really good reason.
findm over 13 years ago

but who will watch the watchers?