May be a silly question but where is all the data that is synched stored? If it is not resident on your computer over which you have control is it not a HUGE potential security breach to store passwords elsewhere?
Hoping I am misunderstanding.......
Thanks in advance from a "just had my first cup of coffee for the day" Mike
It's stored on Xmarks's servers. Passwords synced are encrypted with a password you supply, but of course I haven't examined their source code.
This is what they say:
To encrypt your passwords, Xmarks uses the current state of the art AES 256-bit encryption algorithm. AES is a United States government standard and is recommended by National Security Adminstration (NSA) for encrypting classified information. See the AES Wikipedia entry for more details.
AES works by taking data that needs to be encrypted along with a secret PIN of your choosing, and then produces an encrypted result. It is strong enough to virtually guarantee that your encrypted data cannot be decrypted by a third-party, not even Xmarks. The biggest point of weakness is in the strength of the secret PIN that you choose. Xmarks recommends that you choose a PIN that is difficult to guess and contains a wide variety of different characters and numbers.