Review: Web Confidential
System 7 or higher (Shared Menus requires System 7.1)
1 MB RAM
The Internet has often been described as the thing that will bring people around the world closer together. While it has been somewhat successful on that account, it has been far more successful at getting me closer to my bottle of Aleve. I’ve learned one thing about beating my head against the wall trying to remember which password I use at Amazon.com: it hurts!
Out of necessity, I find myself relying more and more on cookie files to keep track of things. Looking at my cookie file, there were over 150 listing to various sites. The information in the cookie file ranged from last week’s football picks to information for sites with my credit card number. The fact that this information is stored in a text file on my computer worries me a bit. And while I’m not concerned about what the people in my dorm will do if they find out I picked the Packers over the Vikings (twice), I am concerned what will happen if somebody figures out my CDNow password from the cookie file. It’s bad enough to have my card maxed out, but to receive the bill for 50 Barry Manilow CDs—that’s just adding insult to injury. You can only imagine my excitement when I found out about Web Confidential, a tool for storing password, Web addresses, and other information that allows you to chose between two types of encryption: Blowfish or MacPGP 2.6.
Web Confidential is a program that handles names, addresses, passwords, and other bits of personal information. Contrary to the name, Web Confidential works with more than just the Web. It even works with more than just the Internet. There are actually 13 different categories of information handled by Web Confidential. These categories are WWW Pages, FTP Servers, Newsgroups, E-Mail Contacts, Login Accounts, POP Accounts, Bank Accounts, Credit Cards, ATM/PIN Cards, Personal Data, Software Keys, Serial Numbers, and Membership Numbers. There is also a fourteenth category called Password Manager, which I will touch on later.
Launching Web Confidential for the first time opens an empty file. Since Web Confidential is essentially a database to store names and passwords, you shouldn’t be surprised to see that it looks very much like a FileMaker database or an information card in a contact manager.
Every Web Confidential file is capable of holding all 14 type of data, so you don’t need a file for Web sites and a file FTP servers. The interface is clean and simple. There are buttons that allow you to add a card, delete a card, launch Internet applications, go to Internet addresses stored in the given category, copy the current password, search for a card, and save the database. There are also four text fields. The first two are usually Name and Internet address. The second two vary depending on the current category. The bottom of the window contains a Note field that can be shown or hidden based on the user’s preference.
Web Confidential can open password-protected FTP sites, newsgroups, and Telnet connections based on the information entered in the cards. The only issue with this is in Web Confidential’s handling of Telnet connections. First, it can only pass login information to Better Telnet. I have only experimented with Better Telnet a bit, but I do not find it much better than NCSA Telnet. Second, Web Confidential only works with a single type of login procedure, and that must be specified in the Helper Settings... dialog in the File menu. If you have multiple systems to log into, this may present a problem. Also, based on what it does, Helper Settings belongs in the Preferences—it took me a short while to track it down in the File menu.
The simplicity of Web Confidential’s layout is also one of its problems. Since every card in every category has exactly the same layout, some problems arise. First, the Go button that sends you to the Internet address for a card is always active, even in categories that do not contain Internet addresses. I wish that this would dim when not necessary, like the delete key does when there are no cards in a category. The same can be said for Check Drop Down Menu. If it is clicked when the current category does not support Internet addresses, it says “Not Available.” I would prefer if it were disabled. Another minor interface issue is the E-Mail category. Although two fields are used, the two remaining fields are titled N/A and can still accept text. It would better if these fields were dimmed and/or non-selectable.
Another cool feature is the Quick Open item in the File Menu. Any file in either the Startup Items or Cabinet folder that Web Confidential creates will appear in this menu. Additionally, any item in the Startup Items folder will open, appropriately enough, when Web Confidential launches.
One of Web Confidential’s major features is that it uses Shared Menus, a feature of the Mac OS since System 7.1. Shared Menus allows Web Confidential to make it’s own menus available to other programs. For Shared Menus to appear in a program, the author must include the code to make this possible. Fortunately, many Mac Internet programs include this functionality, including Netscape Communicator, Internet Explorer, Emailer, Outlook Express, and Anarchie. I have yet to find a Telnet program that supports Shared Menus; MT-Newswatcher doesn’t, either. Since Shared Menus are available system-wide, Web Confidential’s menus will also show up in some non-Internet programs. The only one I have found thus far is BBEdit, but it is possible that there are more out there.
Web Confidential places three menus in programs that support this feature. There is the diamond menu, which allows you to add the current Web page to Web Confidential, switch to Web Confidential, switch to URL Manager Pro, switch to another Internet application, or go the Web Confidential home page. The lock and key menu acts as a bookmark menu, allowing you to access Internet addresses for whatever program you are using. The final menu, the glasses menu, lets you access information cards for Web pages stored in the Password Manager category. With programs like Anarchie and Communicator, Web Confidential falls a bit short with Shared Menus. Although programs like these can access multiple Internet protocols, only items from the main protocol appear in the lock and key menu. This means no grabbing Web pages in Anarchie and no sending e-mail about that cool Web page from Communicator.
A downside to Shared Menus probably lies in Apple’s implementation of Shared Menus rather than Web Confidential. Almost whenever Web Confidential crashes, it takes any program using Shared Menus with it. Not counting Web Confidential, I once lost six programs in one crash.
The Password Manager is one of Web Confidential’s most impressive features. The Password Manager stores Web page and account information in information cards that can be accessed from the Web browser without switching out of the browser. Using any web browser that supports Shared Menus, the information cards can be used to access the Web page and copy the password to the clipboard.
With Internet Explorer, it does so much more. Under IE, the information card includes ID & Password and a submit buttons. The ID & Password button copies the User ID and the Password into the appropriate fields on the Web page. The Submit button goes one step further—it copies the User ID and Password, then submits the page for verification.
Unfortunately, along with only working under IE, these buttons only work for two-field forms. So, in a three-field form, like CDNow uses, you must enter the information by hand. It’s not a perfect solution, but it does mean I can get my password info out of the cookie file and not have to worry about those Barry Manilow CDs.
As I said before, keeping personal information in an insecure file like a cookie makes me a little nervous, especially in a dorm environment. That’s why I was pleased by the encryption included in Web Confidential. Although you can choose to use MacPGP 2.6, the 448-bit encryption offered by the Blowfish encryption algorithm should be enough for most users. Encrypting the file locks it with a password so it cannot be viewed unless the password is known. Web Confidential can be set to automatically lock the file when it is closed and after a set amount of time. The latter method ensures that people will not be able to see your files if you leave your computer unattended for an extended period. The downside is that the file may be closed and encrypted during a browsing session. If you try to call up a file from the glasses menu, you will find it disturbingly empty.
Speaking of glasses, every hidden field in Web Confidential has a small pair of glasses next to it. Holding the mouse over the glasses displays the content of the hidden field. While this is a nice feature if you tend to forget things, it can be a bit dangerous if you tend to step away from your computer. I would prefer if the glasses could be turned on and off in the preferences.
Web Confidential is a strong product when it comes to keeping track of passwords, PIN numbers, and the like, but it’s a bit of a mixed bag on security. The choice of MacPGP or Blowfish provides an extremely strong lock on the front door, but if you leave the door open, your data is free for the taking, thanks to the little glasses. MacPGP and Blowfish will keep just about anybody out of your data, but if you give them a glimpse of your file, they can find out any information you have stored in there.
In a situation where many people share a computer, Web Confidential is an excellent tool for letting individuals securely keep track of their Internet information. It is also a great way for individuals to keep track of their information. Because of everything Web Confidential has to offer, I am giving it a Very Nice rating. If you don’t use the programs Web Confidential requires to access its best features (IE and Better Telnet), however, its usefulness decreases.