Chrome extension - "Store password"

metiukice

Hello,
I have only found out about your Chrome extension today (January 2018).
One question: WHERE EXACTLY is my password saved if I click on "Store password" under the icon on the top right of my screen, in Chrome's toolbar?
How do you guarantee that the procedure is safe?

Besides, it looks like this extension has been in beta since July 2014 (see P.S. below) - is that correct and is the Secomba team planning to develop an officially stable version?

Thank you in advance
Matteo

P.S. Excerpt from https://chrome.google.com/webstore/detail/boxcryptor/ijmndaodmdjamfepoijpolhjddgfgmme

*** IMPORTANT ***
Boxcryptor for Chrome is currently in beta.
[…]
Release notes:
--------------------
v2.0.205.88 (07/15/2014)

Robert

Hi, although you have already received our answer via support, I wanted to copy it here, so that everybody else can see it. Robert

---

No password will be saved, just the generated key and login hash will be saved encrypted with a static key.
This will be saved in the "Local Storage" of the browser and it's created for the extension in a sandbox.
So, actually, if a hacker has physical access to your machine it could be possible to read the key and the login hash.
But securing your local machine is up to you.

Now, regarding the Beta status of the extension: I can't give you any detailed information about a final stage, or when an update will become available.
We will add for example the 2FA option to it (actually it doesn't work wit 2FA enabled)

scans

I am very excited to use this technology. I created an encrypted folder with my Android app on my DropBox account and uploaded a file into it. However, when trying to go into the folder at the Dropbox website using the Chrome extension (logged into the same Boxcryptor account, obviously), there is a banner at the bottom of chrome which says 'You do not have access to this folder'.

Ideas?