By: Lamantine Software, a.s.
Sticky Password is one of the top end products in a password management tool. Parented by Lamantine Software, and located in the Czech Republic, they have provided an amazing tool to minimize the tedious job of remembering passwords and other regular online form fillings.
Being a password management tool at its core, Sticky Password also has impressive features like Auto form-fill, cloud sync, memo storage, saving bookmarks, create identities with contact and payment info, etc.
Sticky Password has a manatee as its mascot and donates some funds from their income to support this endangered species.
The company claims to have provided the users with high-security features and amazing support, along with many functions in the tool.
Ever tried to remember the password for that random site you made an account on, not using anywhere except work or random registrations. Most of us do remember the passwords for our social media accounts and Email clients, and most of us do not bother to learn any extra passwords for other random sites. At times, these sites can be useable in later stages and so their credentials may turn out to be useful.
For that reason, we must note down all passwords, usable for future work. This can be quite messy when you try to remember for 100s of sites or write them down. For this purpose, we direly need some tool like a password manager to auto-save all logins and also protect existing passwords.
So, a password manager is essentially a computer program that aids us by auto-saving the login credentials we input on any website or application and later on auto-fill those credentials when needed. Not only that, but the password manager tool also have wallet function that aids in storing and filling long forms like Name-address details, bank details, etc. and save our time.
For this review, let us see if they stand tall on their claims or will have a great fall.
Well, it is the job of a password manager not only to store your credentials but also provide more facilities and features for better interaction between the users and also give the customers best possible user experience.
The key features of Sticky Password are as follow:
Sticky Password has the primary task to store any password or any kind of login credentials the user has once they have setup the tool. They have a browser extension and an app for PC devices. You can also install it on your phone and later sync all the data.
As soon as you create the account for Sticky Password, the tool starts detecting any type of login and then either save those logins or help you create new credentials.
The password management screen shows a list of all stored or imported passwords. Users can edit those passwords, user IDs, login page, etc.
This screen also tells you if the security level of your passwords. For weak and reused status, it is advisable to change them. You can also utilize the password generator to do this.
You can directly launch the selected credential as a webpage and use automatic login to sign in to that particular account. Tag the favorite option if that is your frequently used account.
There are times when some logins are restricted to apps or separate interface than a webpage. For this, you can enable App Account function.
When enabled it can monitor certain apps like Skype, voice call apps, etc. and display a pop up just near the minimize button of that window. This will allow you to capture and auto-fill the login fields.
Users can manually input the details of this app by dragging the pointer to app window or browsing to the .exe file of same.
For mobile devices, there is a smart monitoring system that can automatically aid the users in storing and filling those credential fields.
Most password managers come with the ability to auto-fill certain forms across various websites. These forms may contain personal information field like Name, address, phone number, credit card info, personal website info, etc.
In Sticky Password, you can create different identities. These identities are used to fill forms online. It is very tedious to fill certain forms online, again and again, especially if you are a web accounts manager, it can become a hell to type full details every time you create a new account on different websites.
There are many things besides login credentials that need to put in a safe location in case you forget them. Things like Insurance policy Number, military notes, different IDs, etc.
For these things, making a note is the best way to remember them. However, some records are sensitive and must not be accessed by anyone other than yourself. For that task, encryption is needed to secure them.
Worry not, for that Sticky Password provides you with Secure Memos function. You can save any kind of detail you want and encrypt it.
Want to share some user account with friends, or want to give access to a website’s account to a colleague for business use? For this, the thing we do generally is to write them down on paper or send them login info via mail or text files.
But these methods do not encrypt any of the data exchanged, and so there is a constant threat for the prying eyes to get hold of this sensitive information. After this the entire account can be compromised and who knows what things the sniffers can do after they take hold of that account.
For that, Sticky Password has secure sharing feature. This feature allows the head of Sticky account to share whatever info he wants by enabling a client or family access. By using this, the full details of account are not needed to be shared with them; Sticky Password will autofill that login field, on the receiver’s device.
Imagine the scenario, where you have to take all passwords with you in every device that you use and that too when you have tones of work accounts to deal with; sounds clunky?
For that synchronization is another feature of Sticky Password. Using this feature, one can save every list of passwords, notes, identities from every device that has your Sticky Account, keep them on the cloud server and then use them across any device.
To sync all the data, the user needs to sync option in the bottom left corner of the given software client. They can choose between cloud storage and local network storage. Cloud storage is always better but if you don’t want any data to leave your internal servers, select the local network storage. You can also use the back up the data via export on the local machine.
Thinking about just handing over a few text files or password sheets to someone via USB. There are some critical details to be exchanged to someone and needs only the necessary encryption for it. For all these uses, repeatedly, securing the individual files can be a mess.
Sticky Password provides another handy feature called portable USB manager. This feature helps the user to create a portable version of Sticky Password and encrypts the chosen data via military grade encryption.
You can switch to any computer and use this feature to carry the sensitive information there. Also, it will prevent any malware or programs that can access your text files easily on other computers. The saved data is highly encrypted and cannot be obtained by such threats.
This feature is convenient for hiding sensitive info when switching devices across the library, cybercafé, etc.
With every mobile or portable device, the provision of biometric scanning for security like fingerprint lock is available on most of them. Sticky Password also has provided an excellent function for devices that have fingerprint support.
For a device that supports fingerprint, just install the app, and configure it from settings. Once this is done, there will not be any need to enter the password repeatedly for every session. Users just need to use fingerprint authentication to unlock the app and password manager.
Even though it is a secure way, it can be misused if any other person, who can open the app using your fingerprints and can mess up the things. It would be best to keep dual authentication by giving two fingerprint scans of different fingers with only three attempts for a scan. This way, it will be safer to secure the data using biometrics.
The user interface basically shows the ways and functions while using a software program. The smoother the setup and usage, the more user-friendly it is. Apart from this, aesthetic and other features also determine the user interface capabilities.
Sticky Password comes in various platforms to be used. The most commonly used is on windows or MacOS devices. Then comes mobile devices like Android and iOS. There is also a web setup and an extension, but both have very minimal setup and are used mostly for minor tasks.
The main program on PC is an installable setup. Once you install it on your machine and start it, the new account or login screen will appear, asking you to register/login via an Email ID. After that, it will prompt you to create a master password for a new account. This master password has no ways to be recovered, so be careful and remember it or write it down at a safe place.
Once done, it will ask to import the previously saved passwords if any, from either .csv file, any other browsers or password manager files like from LastPass, 1Password, etc.
Once completed these steps, the main dashboard will open in a window. This dashboard will contain all main functions of the program, and it has all available feature options.
The main screen will show the quick access tab and security dashboard. The quick access shows any recent saved or added items. The security dashboard will list all the passwords saved and their strength, reuse status, also with an option to edit them.
Then comes the Web Accounts tab. This tab has options to edit any stored password. This tab also has the option to add new login passwords and group the existing ones. The group feature is convenient and helps us categorize specific passwords like Online shopping, banking sites, Email accounts, etc.
Clicking on any password will display options like launch, auto login, copy any fields, share, mark favorites, etc.
Next tab shows App Accounts. As discussed earlier, this feature is used for various installed apps inside the main device apart from the web browser. The user can drag a pointer from the tray icon on any app they wish to monitor and save its password. Music applications, video calling apps, Email apps and many more can be logged in securely using this feature.
Next tab is Identities. This tab stores all form filling data like identity fill, address fill, credit card info, Business info, website info, etc. Users can store as many as identities here. Once you create a new character, fill in the fields that you want to be auto-filled for that identity.
Whenever you want to fill any of the above data from identities, click the Sticky Password icon in the form to be loaded and select the identity from which you want the details to be auto-filled.
There is a Bookmarks tab after that. The users can also save any web page addresses in this tab. There is no provision to directly import them from a web browser or export them to a web browser. You have to import it via import option in settings.
One of the useful features after password storing is Secure memos. You can save any details here like notes, bank account details, any secret message, insurance details, etc.
The last tab has the sharing option. In this option, the user can share the saved data with any person they want. This option also allows users to give full or read-only access to the recipient. Such a feature is handy in big organizations where one has to exchange important data with other employees periodically.
The top right corner has a menu button. Here, the user can see options like a lock, add accounts, settings, portable passwords, import/export, help, etc.
The settings options here have general settings, account settings, sync, security options, supported browsers list, hotkeys, database, etc. All these options are very easy to configure, and users can try tweaking them as per their wish.
The web-based application has very minimal options. It shows the list of connected devices, subscription status, Sticky ID, option to restore/backup synced data, delete all cloud data, etc.
The mobile-based app is similar to a desktop app with fewer features. The mobile apps are designed to monitor your logins into other apps and help you to autofill their credentials.
Thus, the user interface is relatively good in all available devices. However, we would like the PC app to be redesigned with a better interface. For modern OS, it still has looks of old Windows-XP applications. Summing up, we had a wonderful experience and ease using the service across these devices.
Most password manager tools need to have air-tight security when encrypting the users’ password data. For this, they need the best and most secure encryption types like AES, 3DES, Two fish, RSA, etc. Other than that, access to any one except the user, must not be allowed to the data file containing all confidential informations.
The methods by which a password manager stores data and interacts with the client to reveal that data is needed to be most secure. The cloud services which encrypt the data after reaching the cloud server lead to vulnerabilities where someone can steal information in between the transfer.
Sticky Password boasts a high-end security method to safeguard the clients’ sensitive information. Like most password managers Sticky Password operates on the client side, do. Sticky Password manages the same level of functionality and cryptographic methodologies. This makes sure the data encrypted across every device is via the same secure method.
The Sticky Password Cloud, the server of the Sticky Password client/server configuration, is comprised of several blocks:
The storage server and back-end system are on an encrypted Amazon AWS, i.e. Amazon S3 and Amazon EC2 models. All data stocked over time is stored over the clients’ local machine which is covered under the license.
For any Password manager, data protection is essential and Sticky password employs it in the following ways:
Master password: Whenever you create a new account on Sticky Password, the user has to generate a master password. This master password can lock all functions of your account and is used to encrypt the data you have stored in the password manager.
This master password has to be remembered by the user. There is no way to access the account if you forget it. This master password is non-transferrable to any location or network, and so even the company does not know about it.
This master password is used via an industry level AES-256bit encryption to secure the data. An encrypted key is derived from this master password via PBKDF2, i.e., password-based key derivation function.
Two-factor authentication is also available for Sticky Password. In this feature, the user can utilize the One-Time PIN authentication or OTP from services like Authy, Google Authenticator, etc. to generate a single time-based OTP, which is used as second login credential to access the user account.
Device authorization is also a security feature in Sticky Password where like many web services viz. Gmail, Facebook, etc. who save the device location and ID from which they are accessed frequently. Any anonymous login from the saved digital fingerprint will trigger a safety protocol and will not allow any login until the identity is verified via an OTP or other security keys.
Overall, the security features are great and there is no known data leak to-date. One more thing they can add is a way to recover the master password like using a paraphrase or another code to encrypt it.
The pricing of a product decides what kind of consumer base they will be taking and also what quality content and features they are giving to the clients. The common folks need good amenities and affordable pricings so that they feel the worth of their purchase.
Sticky Password comes with two types of subscriptions, trial/free version, and a freemium subscription.
The main difference between the Free and Premium version of Sticky Password is in the synchronization feature - Premium users can synchronize the content of their password database between installations of Sticky Password on their devices. Premium users are now also able to share data from their database with other users (either as access only or with full rights (both username and password are accessible and can be changed)).
The premium version is priced at 29.99$ for a one-year license. There is an offer for 119$ for a lifetime subscription giving you 20% savings.
Once the trial period ends, the users cannot access the premium features.
Overall, the pricing seems to be quite affordable, and the features provided along with it justify it.
Wouldn’t it be pretty hectic to import those passwords from device to another? Or to open a device and input credentials on other!
To avoid such situations, we have to extend the support for these password manager tools across many devices, especially mobiles and desktops. If the application is available on many platforms, we can easily use it to input and save any passwords we want, on any device.
Sticky Password has support for all major devices. For Windows and MacOS, it comes with the standalone application and web-based support. There is also a browser extension provided for these platforms.
For mobile devices, it has an app for Android and iOS devices. The app has an inbuilt browser feature in these mobile devices.
There is no support for Linux OS like ubuntu, fedora, etc.
Most password manager tools have inbuilt extra features like storing bank information, credit card data, identity forms of any person. These things are highly confidential and can be abused by any malicious hacker to ruin the person. Also, third party access to the service can potentially land your data on online marketing traps and from there, all your identity can be sold to anyone.
For that reason, not only password managers, but any software that utlizes any perosnally idetifiable data must not allow third person contact. Privacy policies of a company gives us an idea on how these companies store such personal data and then with whom they exchange it or delete it.
Most common folks are skeptic about giving so much individual data to anyone let alone it to be accessed by online marketers.
Sticky Password also like many other apps stores certain data of client. The details provided on their website in their privacy policies are as follows,
They do collect details about devices including IP address, device identifiers, operating system, browser type, or any technical information sent by the web browser.
They also collect anonymous data of your usage (e.g., which features you use) of Sticky Password.
For billing uses, they ask for main payment processing information, including your credit card details, email ID and country. If you are a business company, you may provide them with your company details such as company name, VAT ID, and address.
They use some personal data usage with data analyzers like google analytics. This is an anonymized exchange, but things turn suspicious when Google is involved.
They can share personal details with 3rd parties when such disclosure, access, storage of that information is necessary to:
As we all know, managing so many passwords across several webpages can be a really tedious task. Not only entering all the passwords but also filling those annoying forms, again and again, can result in so much time consumption.
Sticky Password does an excellent job at reducing the strain of such activities. Combined with amazing features and securing the passwords, our experience with using this tool was great.
One of the things we wish to be improved is having a backup method to restore the master password. Also, the UI needs an overhaul for the latest systems since it looks outdated in current form.
Other than that, the web version should also have access to stored information. Sometimes, the users may not be able to use the apps, and in need of urgency, full information access on a webpage can be a savior. Also, we need Linux OS support for popular distributions like Live Mint, Ubuntu, Fedora, Debian, etc.
Apart from that, we found that sites like Amazon, Flipkart and many e-commerce websites which rely on mobile based registration were not able to use the auto fill feature.
Overall, our experience was quite good using this password management tool, and the pricing is quite affordable. Do not forget they also donate to save manatees, so if you love them and are satisfied with the trial version, we would certainly recommend going for yearly or lifetime subscription.