Hi, I have been using Manager for a few days and I love the interface and simplicity - great job. Are there any plans for password protection for desktop edition? Just seems like a basic and critical feature even if its free.
2 Likes
To be honest, I don’t know how to implement this. If I would have to do it super-secure, then all data would have to be encrypted but that would mean if you forget your password, you essentially lost your data.
Or I can do it less secure (without encryption) but that would mean attacker could just overcome this protection by simply coping contents of your Application Data folder onto another computer.
So there are two ways to implement this feature and both have undesirable consequences.
Also every operating system now allows you to protect your computer with a password (btw, it’s not really secure), what’s the point of doing the same lousy security scheme on application level?
Makes sense. I was only thinking on the level of a casual browser of my computer, family or friend coming over - just protection against nosy people and not so much hackers.
Thought this maybe similar to your “Restricting users to see one company only” feature.
Thanks so much for your support.
Server/cloud editions make this easy because data is not actually on your computer so without password, it is really not possible to gain access while data doesn’t have to be encrypted on the server.
Anyway, I suggest you create at least two accounts on your computer. Install Manager under your personal user account which you will password protect and then have Guest account without password protection for family and friends.
Not only this approach will protect your accounting file but also your other documents, web-browser authenticated sessions etc.
A simple solution could be to create a new user account on your computer, and have the data in the user folder of that account. For book keeping, you switch to that account, and from your general account there should be no read rights to the data.
I’m not sure how feasible this scheme is using Windows, but it should probably work.
I think the database is not accessible by any other database engine other then Manager (not sure). I saw few other software using sqlite and those database is accessible by database browser like software.
A general protection can be issued by protecting the desktop interface from unauthorized access.
Make thing simple. Hope that will help us all.
A table and 2 form can do this for us.