Foxmarks Adds Cross-Platform Password Sync


Recently, we shared one of several cross-platform methods to synchronize passwords using the cloud. There’s many available options and methods to tackle this challenge, and you can add another one now that Foxmarks has officially launched version 2.5.

This Firefox extension is well-known for synchronizing bookmarks, profiles and more, but the addition of password management makes it a must have for me. At least until Mozilla’s own Weave project becomes more than a prototype.

Secure Password Sync isn’t enabled by default, so you’ll need to activate it once you’ve installed or upgraded to the latest Foxmarks version.

Note that the extension works with Firefox versions 1.5 through 3.0. I’m currently using the beta of Firefox 3.1 for the faster TraceMonkey JavaScript engine and Foxmarks isn’t yet compatible. I had to disable browser extension compatbility for the time being.

Similar to other password sync approaches, your passwords will be stored up in the cloud on the Foxmarks servers. I’m sure that a few eyebrows were just raised in terms of security and that’s a good thing. You should always question the security features of any web application. However, there’s two reasons to lower that questioning eyebrow.

  1. To use Password Sync in Foxmarks, you have to create a local PIN, or Personal Identification Number. Without that PIN, your passwords can’t be accessed on a machine with Foxmarks. The key here is that the PIN is stored locally between you and your computer. It’s never sent to the Foxmarks server. Think of it as a front door key that you carry with you.
  2. Your password data is encrypted with an AES 256-bit encryption algorithm before it’s passed between any computer and the Foxmarks servers.

Provided that your PIN is never compromised, this is about as secure and simple of a solution you can get for free. While it does require that you use the Firefox browser on your multiple devices, Foxmarks just added a “must-have” feature for productivity on my devices.



Good review.

This is something that I’ve always been wanting as I deal with a growing web client base, I’m faced with remembering more passwords everyday. Until now I’ve been using 1password, but of course that does not sync with multiple machines.

I have always been skeptical when giving up passwords to ‘cloud’.

I know that everything is encrypted using the AES Blowfish Government blah blah, but really, what does that actually mean for the users who doesn’t speak 1’s and 0’s?

I’m sure its probably more secure than writing down your passwords on a piece of paper, or keeping them in a google related account. I think passwords are the one thing Google doesn’t know about yet.

Comments are closed.