PapaFrancis* Dec 28, 2012 @ 4:51pm
Will password protection ever be made available?
I am interested in purchasing this software, but I have concerns about the privacy of my information (both locally and via remote/web threats.)

I am posting this thread in the hopes that I can get a response from one of the program developers. I'd like to know whether there is any hope of a password protected login / encryption option for this program.

I have already checked on the web regarding this issue and I realize that I can use a password on my Windows login (I do already) and/or encryption from a separate application, but I would prefer that the program I might pay 45$ for would provide those services by default. I'm not looking to start any sort of argument, simply seeking a response from a developer. Thanks very kindly, God bless.
RodeoClown  [developer] Dec 28, 2012 @ 5:53pm 
It is something we are discussing.
It's not due for implementation in the immediate future however, as we have a very small development team, and every feature we implement prevents us working on another. Fixing the Steam import bug is our number one priority at the moment (it doesn't work for everyone, probably a file permissions issue), followed by improving how we deal with credit card handling.

After that, it might come up in the development queue, but I can't promise it at this stage.

Cheers.
[LKH] KrankerKlepto Jun 26 @ 10:59am 
would really like to see that as well!
PapaFrancis* Jun 26 @ 1:08pm 
I have started using the iPhone app with my wife, and I discovered that you can add password protection to that app (which I love!) But again, I'm still desiring the feature on the desktop version of the application. Please pass the message up to the developer team!
cokebottle Jun 26 @ 1:11pm 
They already know about it, but so far the answer is still the same: Use a password on your user account on the computer. That way you'll not require individual passwords for all the programs you want to protect.
Last edited by cokebottle; Jun 26 @ 1:12pm
RodeoClown  [developer] Jun 26 @ 1:57pm 
Hi PapaFrancis,
We don't have any plans to add a password to the desktop app in the near future (there's been a LOT of discussion about it internally - suffice it to say it's not as simple as just having a password on the budget file or the program). That said, every OS comes with password protection, and we'd encourage you to use that if you don't want people looking over your budget.

Cheers,
-Ian
Lukkian Jun 26 @ 2:15pm 
You know that the lack of password protection is a decisive factor when choosing to buy this software? The information that would be exposed is very sensitive and at least for me without the password protection I would not be able to buy the program. Even really enjoying all the other features. A pity.
cokebottle Jun 26 @ 2:16pm 
Why not put a password on your computer user account?
Lukkian Jun 26 @ 2:34pm 
Thank you. It's an option, but that does not make it very difficult to intercept the data across the network when starting synchronization, right?
Also, I have my own reasons for preferring the protection directly into the program, as I already have in other software.
RodeoClown  [developer] Jun 26 @ 6:10pm 
The data is encrypted via SSL as it goes over the network, but it's not encrypted in-place on your computer.
Ulag Mil'ladib Jun 26 @ 8:24pm 
A bunch of us discussed options on the YNAB forum on their website.

Basically, the reasons given for NOT having password protection were that YNAB didn't want to get the blame if / when someone forgets their password and loses their budget. I didn't care much for that answer because I don't think it's right or fair to deprive the majority because a minority weren't clever.

That said, I repeat now what I said then - anyone wanting to use password protection/encryption for YNAB should be required to sign up for the forums. Each forum user has a username and password, along with the ability to retrieve/reset the password. Make that username/password be the details used in YNAB and problem is solved. Users get the protection they are after - true protection rather than some half-solution that actually offers no real protection other than from the computer illiterate; YNAB gets the reassurance that people won't blame them when a user forgets their password. Win all around!
DreadPirate_Duo Jun 27 @ 7:41am 
Originally posted by RodeoClown:
The data is encrypted via SSL as it goes over the network, but it's not encrypted in-place on your computer.

This is a bad thing... you should definitely be encrypting this data. This is a huge oversight in my opinion and I would not have purchased the software if I realized you store everything out in the clear.

Passwords should have been implemented a long time ago, this should not even be a discussion, it should be a priority on your list.

The real question isn't why should it be encrypted... the real question is what good reason is there to NOT encrypt this data? There are not any reasons, good or bad, that would justify the decision to not encrypt the data.

I can appreciate small teams, I worked for a small company for over 10 years... but honestly lack of resources is not a valid excuse on this one, this should be a top priority. You need to make sure you perform "Due Diligence" in your attempts to protect your customers' data... that is an IT legal term that I have come to know well over the 10 years at the SMB I worked for... if you are not sure what I am referring to, please take some time to read up on it.

With that being said, as an IT Professional that has worked with financial institutions (Credit Card Companies (Processors), Banks, Retail and Hospitality (Point of Service)) I am disappointed that YNAB's customer files are not protected with some sort of effort, no matter how minimal it is.

Personally, I cannot recommend YNAB to anyone until the security issues with the software are remediated.
cokebottle Jun 27 @ 8:00am 
There is no critical information stored in the budget file unless you manually enter it yourself. No account numbers, no card numbers. It is encrypted by SSL syncing, and while that is not perfect (Heartbleed), it's good enough for this kind of data for most people.

The majority of YNAB's userbase is technically unskilled people who mostly don't know or care about how computers work. I'm not one of the devs, but one of the reasons given why no encryption is done is to avoid having to tell users that their entire budget is lost because they forgot their password, and there is absolutely no way to get it back despite the budget file being right there on their computer.

Doing encryption itself isn't that hard. Doing it in a userfriendly, transparent, and seamless way is.

If you want your budget file encrypted you can of course store it in an encrypted TC container or something. You'll lose the easy mobile sync (Cloud Sync), but can still use the old manual WiFi sync.

I'm fairly privacy and security-minded myself, and would also like it to be encrypted. But it's simply not true that it is critically important for this data. It certainly won't stop me from either using or recommending YNAB.
Last edited by cokebottle; Jun 27 @ 8:04am
DreadPirate_Duo Jun 27 @ 8:18am 
I have to disagree with you there. In my years of experience working with financial institutions some of the most critical information attackers use for fraud is history and patterns in spending. Patterns can be used for attackers to gain access to your accounts via phone systems and "overly helpful" customer service reps.

Encryption in YNAB would be simple. They could even grab the encryption methods provided for them in their programming language of choice. .NET has some great options provided by Microsoft using AES encryption that are easy to implement and effective in many situations.

The only time I have seen encryption be a problem is when various software vendors are trying to interface to the program using a direct file read. I doubt that YNAB runs into this very often.

I don't think it is an acceptable answer to state that there is not any risk of information loss unless someone puts in critical data themselves. Many people that have multiple accounts will put in bank name, last 4 of account number, and other data for sorting that would be compromising when combined with the other information in the file.

As I stated before, the question is never why should it be encrypted... the question is what good reason is there to not encrypt the data.
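
An added illustration of the two points argued above, not part of the thread and not YNAB's code: password-based AES encryption of a file with the .NET built-ins, and what a forgotten password means in practice. It assumes .NET 8; `BudgetVault`, the blob layout and the PBKDF2 parameters are hypothetical choices made for this example.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class BudgetVault
{
    const int SaltLen = 16, NonceLen = 12, TagLen = 16, Iterations = 600_000;

    // The key exists only while the password is known; nothing recoverable is stored.
    static byte[] DeriveKey(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 32);

    // Blob layout (assumed for this example): salt || nonce || tag || ciphertext
    public static byte[] Encrypt(byte[] plaintext, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltLen);
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceLen);
        byte[] tag = new byte[TagLen];
        byte[] ct = new byte[plaintext.Length];
        using var aes = new AesGcm(DeriveKey(password, salt), TagLen);
        aes.Encrypt(nonce, plaintext, ct, tag);
        return salt.Concat(nonce).Concat(tag).Concat(ct).ToArray();
    }

    public static bool TryDecrypt(byte[] blob, string password, out byte[] plaintext)
    {
        plaintext = Array.Empty<byte>();
        int header = SaltLen + NonceLen + TagLen;
        if (blob.Length < header) return false;          // truncated or foreign file
        byte[] salt = blob[..SaltLen];
        byte[] nonce = blob[SaltLen..(SaltLen + NonceLen)];
        byte[] tag = blob[(SaltLen + NonceLen)..header];
        byte[] ct = blob[header..];
        byte[] output = new byte[ct.Length];
        try
        {
            using var aes = new AesGcm(DeriveKey(password, salt), TagLen);
            aes.Decrypt(nonce, ct, tag, output);         // throws on wrong key or tampering
        }
        catch (CryptographicException) { return false; }
        plaintext = output;
        return true;
    }

    static void Main()
    {
        byte[] budget = Encoding.UTF8.GetBytes("2014-06;Groceries;-84.10"); // constructed sample
        byte[] blob = Encrypt(budget, "correct horse");
        Console.WriteLine(TryDecrypt(blob, "correct horse", out var ok) && ok.SequenceEqual(budget));
        Console.WriteLine(TryDecrypt(blob, "forgotten?", out _)); // file is present, data is not
    }
}
```

The failed second call is the support case described earlier in the thread: the file is intact on disk, but without the password there is no key to derive and nothing a vendor could reset.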
PapaFrancis* Jun 27 @ 8:27am 
I have to agree with DreadPirate here. The more difficult it is for an individual to gain access to sensitive data the less likely they are to even attempt it in the first place. Even with very basic precautions in place like a password to enter the program the likelihood of data being compromised goes down significantly.

The same goes for physical paperwork in real-world scenarios: If you leave your sensitive paperwork lying out on a table in your bedroom, the chances of prying eyes reaching your private information increases, and the temptation those individuals face increases as well (Father of the Bride anyone?) On the other hand, having a simple desk drawer with a feeble lock will decrease the possibility of prying eyes / amateur thieves significantly.

You may argue that a thief can still break into the house, circumvent the security system, reach the desk and easily break it open with a crowbar; you may suggest that a safe is necessary - but not just any safe (because the thief could just walk away with a small safe.) You may suggest that it is necessary for me to purchase a 1200 pound safe, or one that costs thousands of dollars and is fixed to the foundation of my house... but the cost and energy that go into purchasing or achieving those levels of security go far beyond what is necessary in most cases of physical privacy theft.

The same goes for digital privacy concerns. I just want a basic level of protection, and I don't feel that is too much to ask.
[AOA]Batfasturd Jun 27 @ 10:26am 
You could as a temporary solution use something like TrueCrypt to install the program/data on a password protected and encrypted volume. I don't know the full directory structure but it might work in the meantime. I can see both sides of the coin but I also think there is nothing too personal in this data and if you are truly worried about it then your PC would be password protected as this is not the only thing on your computer that is vulnerable (browser history, saved/cached passwords, etc...)