Is there a way to set up a password in the desktop edition?
No, if you are worried about someone accessing your computer, you should set up password on your computer.
I do have a password in my computer. But I think it would be great for extra security!
You could argue this way about every app you are using on your computer.
How about your web-browser? You probably remain logged in your email account and in bunch of other websites after you close your web-browser. Does your web-browser allow you to set password which you need to enter every time you start your web-browser?
Yes, it does. Firefox has a setting to delete session information whenever it is closed, and if a browser-level password is set for saved login information, it does indeed have to be reentered for each new Firefox session.
I can think of several programs with particularly sensitive information that have the option for a program-level password as an additional layer of security beyond the workstation-level or user-level password: Quicken (one to start the program and another to do an online update), Skype (to connect), Firefox and Chrome (for their password vaults), Kaspersky Internet Security (to change antivirus and firewall settings), as well as most encryption programs (to access an encrypted volume). Even with 2-factor authentication, Gmail gives the user the option to save the authentication key for 30 days on a particular workstation, but it’s optional.
Given the special sensitivity of the information many users store in Manager, I think it’s a very reasonable request that the *.manager file be encrypted and, optionally, password-protected.
That’s actually the problem. Non-technical users don’t understand encryption. If you ever lose or forget password to encrypted file, it’s gone forever.
So what Quicken did to fix the issue? They’ve introduced backdoor which means there is master password which can open any encrypted Quicken file.
I think it’s dishonest to add password-protection and imply security when in fact there is a backdoor. I’ll rather not implement it at all. After all, you can always put Manager data on encrypted volume if you know what you are doing.
For the rest, I recommend to set password on operating system level. Why reinvent the wheel.
But that should not be a problem. I mean, I understand your position. It is true that is dishonest to add and encryption when there is a backdoor. But, who made the backdoor if not the same one who implemented the encryption method? Why? And why encryption is simply “not worth it”? A browser does not manage my financial information, that is just an absurd comparison, with all due respect. I know how to create an encrypted volume and put my information in there. For accessing my computer you have to know the disk encryption password (a really long one) and my user password, because my “Home” is also encrypted. But that doesn’t mean I’m always secure. That doesn’t mean that a person could not access my data anyways, because if I left my computer on and someone access it when it is open, they’ll see all I have and then realize that my encryption are just not worth it because I don’t really have anything important in my computer. That doesn’t mean either that I should give up on my security and privacy right. Like I said, I really understand your argument. I just think is not good enough.