Right now CommonKey is available solely as a free extension for Google Chrome. The whole point of the tool is for users to create long, complicated passwords for their online accounts, store those passwords in the CommonKey interface, and then remember just one password — that for CommonKey — in order to sign in everywhere online.
A password manager like CommonKey is fast becoming a key component of people’s security online. That Gmail password that’s just the name of your cat, Chester, is easy to remember, but it’s wildly easier for an experienced hacker to crack that password compared to !@#ZZDejk__93818823#4*7&etsy!JOEBIDEN@#$%. CommonKey will let you create that password, store it safely and never be forced to remember it. (Because, honestly, who wants to remember anything that has to do with Joe Biden? Amirite? Eh?)
Here’s how it works:
- A user signs up via the CommonKey Chrome extension, and begins entering passwords for different accounts — Amazon, Gmail, Facebook, banking accounts and so on — into a dashboard.
- Whenever a user visits a site whose login and password credentials they’ve stored in CommonKey, the user clicks on the appropriate account login inside the CommonKey dashboard. This will automatically fill in your login and password on whatever site you’re visiting.
- The bonus for businesses is CommonKey’s “organizations” feature, which allows members of a company to share a single password with everyone who both has a CommonKey account and has been invited as a team member to different groups.
- Which means if George gets his password permission on a Wednesday, and is then fired on a Thursday after he’s discovered making photocopies of his gluteal muscles, you can ensure that George doesn’t have the account login to the company American Express card: kick him out of the group, change the password, and then don’t worry about e-mailing the new password out, because everyone on your team already has it through their CommonKey account.
If this all sounds strikingly similar to how the most recent Baltimore Startup Weekend winners TeamPassword runs its password manager, that’s because it is. Stroup, along with OrderUp‘s Kyle Fritz and SmartLogic‘s Brian Sierakowski, were the three who took the top prize last September.
They had a parting of ways shortly after, and Stroup, a civil servant for the Department of Defense, cofounded CommonKey in October with Michael Cohen, a programmer in the radiology department of Johns Hopkins. (CommonKey’s founding was delayed slightly because of Stroup’s participation on the new Discovery Channel show “The Big Brain Theory.”)
“I’ve seen password managers out there that look shiny, but they don’t do what they should,” Stroup said.
The difference with CommonKey, he insists, is that the security is “structured up to National Security Administration standards.” (Ardent libertarians: interpret that however you will.)
- No one, including Stroup and Cohen, sees any of a user’s information “until it’s on the local machine” (i.e. your computer) of the user.
- The passwords are only shown in plain text when a user wants the passwords to be shown in plain text.
- So “no one could decrypt [password] information because they don’t have the long, encrypted key the user has on their local machine,” said Stroup.
Take that, NSA. (People who think PRISM is a non-controversy: interpret that however you will.)
Right now, no one is paying to use CommonKey, although Stroup and Cohen intend to introduce a structured pricing tier after the live beta phase for small businesses and companies with more than five employees.
The startup has been bootstrapped so far, but the two cofounders are interested in raising $500,000 in angel funding for “a full national media and marketing campaign,” said Stroup.
Once Stroup and Cohen are certain they’ve worked out all the kinks from the live beta phase, they plan to introduce CommonKey for Firefox, Safari and, eventually, smartphones.
“CommonKey was a good chance to really try to solve a big problem,” said Stroup.-30-