Password protecting YNAB in Windows

ynapassword Posts: 5 Member
edited June 2013 in Desktop
There have been a lot of posts asking for this feature and most of the workarounds are cumbersome.
So is this one to set up (not to use), but it's an option. It doesn't provide a lot of security other than a simple password to open the program.
It is an alternate way of using the "separate account" method so many people offer as a workaround, without the need to actually log off and on as that other account.

ANY ADMINISTRATOR LEVEL USER CAN ACCESS THE PROGRAM OR YOUR DATA IF THEY KNOW THE STEPS. This is not REAL security from knowledgeable users.

So this fulfills the basic need for some people to keep kids, mother-in-law and other casual users from seeing your private bank info.

The basic outline of the process is this:

1. Create a new standard user in the Control Panel and give it the password you want to use.
2. Right-click on the ynab 4.exe executable and remove inheritance under the security advanced tab.
3. Remove everyone except system and then add the new user you created to the security tab users, so only system and the new user you created have access to the EXE.
4. Create a batch file that uses the "RUNAS" command to run ynab 4.exe as the new user you created. You will be prompted for a password and then YNAB will run.

The following batch file example assumes you called your new user YNABUSER.

The batch file will have this line in it (Windows 7 64-bit):
runas /user:YNABUSER "C:\Program Files (x86)\YNAB 4\ynab 4.exe"

For 32-bit Win7 you would use:
runas /user:YNABUSER "C:\Program Files\YNAB 4\ynab 4.exe"

You can then create a shortcut to the batch file on your desktop or wherever you want. You can even change its icon to the YNAB icon using the uninstall.exe in the YNAB 4 program files folder.

Double-click the batch file. A command prompt window opens and asks you for the password. Enter the password, press ENTER, and the window closes and YNAB opens. Open existing budget and find the folder.

There are probably more elegant ways of using these same steps but all I needed was a simple password lock to keep the mother-in-law or visiting family from clicking my budget software.

NO, I don't want to log out and back in as someone else. NO I don't want to have other people login to a different user that doesn't have all of my settings, mapped drives, etc. Those options require me to remember to constantly log out, lock the screen, etc. Well, I don't want to do that or feel I have to constantly remember something. I want the damn program to ask for a password like every other financial software in the world. ahem...sorry.

I want convenience (not having to log off and on another account or opening truecrypt volumes, etc) and this feature should be available...but until it is this works for me and my wife.
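
A check for steps 2 and 3 of the post above, as an added example that is not part of the original post: it parses the text that `icacls "<path to ynab 4.exe>"` prints and reports inherited entries and any principal other than the two meant to remain. The sample output, the computer name `PC` and the function names are constructed for illustration.

```python
import re

# One ACE as icacls prints it: principal, colon, then flags in parentheses,
# e.g. BUILTIN\Users:(I)(RX). "(I)" marks an entry inherited from the parent.
ACE = re.compile(r"^(?P<who>.+?):(?P<flags>(?:\([^)]*\))+)$")

def parse_icacls(output, path):
    """Return [(principal, [flags])] for `path` from icacls text output."""
    entries = []
    for line in output.splitlines():
        if line.startswith(path):
            line = line[len(path):]      # first ACE shares a line with the path
        elif not line.startswith(" "):
            continue                     # blank line or the summary line
        m = ACE.match(line.strip())
        if m:
            entries.append((m["who"], re.findall(r"\(([^)]*)\)", m["flags"])))
    return entries

def audit(entries, allowed):
    """List findings: inherited ACEs and principals outside `allowed`."""
    allowed = {a.lower() for a in allowed}
    findings = []
    for who, flags in entries:
        if "I" in flags:
            findings.append(f"{who}: inherited entry, inheritance is still on")
        if who.lower() not in allowed:
            rights = "".join(f"({f})" for f in flags)
            findings.append(f"{who}: unexpected access {rights}")
    return findings

# Constructed sample output; "PC" is an assumed computer name.
EXE = r"C:\Program Files (x86)\YNAB 4\ynab 4.exe"
BEFORE = r"""C:\Program Files (x86)\YNAB 4\ynab 4.exe NT AUTHORITY\SYSTEM:(I)(F)
                                         BUILTIN\Administrators:(I)(F)
                                         BUILTIN\Users:(I)(RX)

Successfully processed 1 files; Failed processing 0 files
"""
AFTER = r"""C:\Program Files (x86)\YNAB 4\ynab 4.exe NT AUTHORITY\SYSTEM:(F)
                                         PC\YNABUSER:(RX)

Successfully processed 1 files; Failed processing 0 files
"""
ALLOWED = [r"NT AUTHORITY\SYSTEM", r"PC\YNABUSER"]

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        findings = audit(parse_icacls(text, EXE), ALLOWED)
        print(label, "->", findings or "only SYSTEM and YNABUSER are listed")
```

An empty result only describes the ACL on the executable; as the post says, an administrator-level user can still change it.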

Comments

  • Turf_Hacker Posts: 6,391 Member, Moderator, YNAB Team, Beta Tester
    I, for one, appreciate the posting of a method to add a password that would defeat at least the casual snoopers. Nobody outside my immediate family uses my computer, so I probably wouldn't use it but it looks like a useful work around.

    Thanks!!
  • RodeoClown Posts: 4,227 Member, Moderator, Administrator, YNAB Team, Beta Tester, Beta Moderator
    Hi ynapassword,
    Thanks for posting that workaround here - it will be very useful for others with concerns about password protecting YNAB.
    Special thanks for going out of your way to sign up on the forums specifically to help others.

    Unfortunately a full security solution is still a way off, but this is a great stopgap measure.

    Note - I've removed a response post in this thread as it doesn't add to the conversation here, as well as ynapassword's response to that post. I've also stickied (and renamed) the post, as it will be very useful for others.
  • LarryF Posts: 38 Member
    Something as simple as what the iPhone version of YNAB has, the 4-digit security code, could be added to the desktop version, couldn't it?
  • RodeoClown Posts: 4,227 Member, Moderator, Administrator, YNAB Team, Beta Tester, Beta Moderator
    We could add it, but as we've said previously, were we to do that many people would then get angry that we were claiming to have security in YNAB when we really didn't (as anyone could open the budget file and see the password).
  • Tubasoldier Posts: 16 Member
    @rodeoclown, I don't see it that way at all. If YNAB were to add in a password option most people would see it as a feature that adds ADDITIONAL security. Right now, my spam email account on my personal computer is more secure than my checkbook ledger. This (and file encryption) is the main thing I don't like about YNAB. There is account information that I would like to keep in notes attached to the categories like online billpay website, user names, passwords, that I wouldn't recommend doing currently.
  • Turf_Hacker Posts: 6,391 Member, Moderator, YNAB Team, Beta Tester
    A couple of relevant differences (and I'm sure Ian will correct me if I get this wrong :D ):

    Your e-mail account is most likely web based, so your password isn't stored on your local computer (leaving aside cookies and other web tracking methods). This makes it impossible for anyone to obtain your password by opening a file on your computer.

    Your YNAB budget is stored on your local computer and is not encrypted or protected in any way. Someone with physical access to your computer could open it with a program other than YNAB and view your password.

    Instead of storing account numbers, user names and passwords, etc. in YNAB, I use a password manager (1Password) for this purpose. The data is stored in encrypted form, and I can use it to populate web-based logins. Even if my YNAB data was encrypted with password protection, I would still use the password manager for the simplicity of use.
  • Hans Muster Posts: 41 Member
    A couple of relevant differences (and I'm sure Ian will correct me if I get this wrong :D ):

    Your e-mail account is most likely web based, so your password isn't stored on your local computer (leaving aside cookies and other web tracking methods). This makes it impossible for anyone to obtain your password by opening a file on your computer.

    As always, this depends on how you have set this up. I don't use web based email, but if I did I might tell Firefox or Safari to remember my password, therefore it would be on my local computer.
    Your YNAB budget is stored on your local computer and is not encrypted or protected in any way. Someone with physical access to your computer could open it with a program other than YNAB and view your password.

    Physical access beats all. If someone gets that they can potentially get access to everything.

    As another poster said, I would like to see some basic password protection to guard against a member of the family seeing YNAB details. It will not beat the determined attacker, but it will beat someone who is plain nosy.

    On the other hand, as an occasional software developer I like being able to see what lies underneath YNAB. In the worst case of Adobe Air failing to work on my systems, I could still get my data out with a bit of work, and that is important to me.
    Instead of storing account numbers, user names and passwords, etc. in YNAB, I use a password manager (1Password) for this purpose. The data is stored in encrypted form, and I can use it to populate web-based logins. Even if my YNAB data was encrypted with password protection, I would still use the password manager for the simplicity of use.

    I use an encrypted disk on my Mac to store my private stuff. I know one of the 1Password developers and know that they take their job very seriously, but it might be too pricy for someone on a tight budget.
  • KES Posts: 884 Member
    YNAB could add a simple pin code to discourage casual snoopers. It wouldn't need to encrypt the budget, just require a pin code when the program is started, and the code could simply be stored in a hashed form in either a config file or the registry.

    Sure, it would not be "secure" in any real meaning of the word, but it would stop your kids or curious temporary visitors from snooping.
  • imnotplutonium Posts: 29 Member
    I agree. I understand it would not be secure in the fullest sense, or really in any sense if someone really wanted to see the data, but I think it would be beneficial to have a quick 4 digit pin or something to open it. Like people have said before, all we really want is for it to be a bit harder for just anyone to click the YNAB budget and see all of your finances. I don't keep anything in my file that would lead anyone to my actual accounts (acct #'s, passwords, or anything like that), but I would like it if I knew it wasn't so easy to see my net worth etc.

    I don't think most people are looking for a full fledged encryption of their data, just something to stop your kids, nephews, siblings, etc. from being able to see your financial health with a few clicks. I understand where YNAB is coming from but I think if you guys put it in simple terms when you turn that feature on that it is NOT a full fledged security option and that it only stops people from accessing your data via the YNAB program and not through the data, then I think you would be covered. Make them click 'OK' like apple does all the time. :)
  • iwaddo Posts: 256 Member, Beta Tester
    A simple pin code would be a start,

    Then a timer option that locked the app after so many minutes of inactivity would be a step further.

    Full data encryption on disk would be fantastic.

    Let's keep it simple and improve security one step at a time.
  • Joel Posts: 9,759 Member, Beta Tester, Beta Moderator
    I think the ability to have a password would solve requirements of most users. Most users aren't worried about an advanced user hacking into their budget file, but rather the casual user accessing their budget (intentionally or accidentally)
  • DigbyDave Posts: 14 Member
    I use a small program called "Game Protector" (gameprotector.com) which adds a password wrapper on any exe file. Seems to work well on both XP and W7, and allows basic protection from casual clickers, prompting for a password on launch of the application. It also optionally backs up the original exe so that you can backtrack if necessary. YNAB updates do not seem to be affected, just that you have to reapply the password after any YNAB updates.

    I for one would certainly prefer YNAB to have password protection & encryption of data, it is always a worry with ANY financial information not being encrypted. I hope that it is on YNAB's road map.
  • suls Posts: 9 Member
    I agree. I understand it would not be secure in the fullest sense, or really in any sense if someone really wanted to see the data, but I think it would be beneficial to have a quick 4 digit pin or something to open it. Like people have said before, all we really want is for it to be a bit harder for just anyone to click the YNAB budget and see all of your finances. I don't keep anything in my file that would lead anyone to my actual accounts (acct #'s, passwords, or anything like that), but I would like it if I knew it wasn't so easy to see my net worth etc.

    I don't think most people are looking for a full fledged encryption of their data, just something to stop your kids, nephews, siblings, etc. from being able to see your financial health with a few clicks. I understand where YNAB is coming from but I think if you guys put it in simple terms when you turn that feature on that it is NOT a full fledged security option and that it only stops people from accessing your data via the YNAB program and not through the data, then I think you would be covered. Make them click 'OK' like apple does all the time. :)

    Fully agree!!
  • mizterz Posts: 1 Member
    For sure total encryption would be the best scenario for any financial data. At a minimum, a password or pin should be required to access the data via the application. Not good for someone to be able to sit down at a shared computer and see all financial information/data.
  • Gopherbot Posts: 4 Member
    There is account information that I would like to keep in notes attached to the categories like online billpay website, user names, passwords, that I wouldn't recommend doing currently.

    Woah woah woah! NO!

    Seriously, even if YNAB was password protected, you shouldn't be using it (or any other financial tool) as a password management utility. There are properly architected solutions to the password problem like LastPass (which I use) or KeePass if you really want to solve your password problems.
  • junglism Posts: 4 Member
    hmm, encryption software like TrueCrypt is so easy to use and really gives you peace of mind - particularly for a lost/stolen computer
  • dnac Posts: 122 Member
    yea, use KeePass (or a similar tool) to save passwords. It encrypts the password DB using a single master password.
  • cyberstudio Posts: 2 Member
    Hi guys.

    I'm a software developer, and I don't understand something: Why is this so complex to do? What's the problem? I don't get it.

    Step 1) Encrypt the budget file(s) (AES 256?)
    Step 2) Add a new "Enter password" Window to ynab desktop and mobile apps.
    Step 3) Let the user enter the password.

    The user lost his/her password!? that's THEIR problem.

    Am I missing something? :shock:
  • RodeoClown Posts: 4,227 Member, Moderator, Administrator, YNAB Team, Beta Tester, Beta Moderator
    The user lost his/her password!? that's THEIR problem.
    It's OUR problem if we want to keep our customers happy ;)
  • cyberstudio Posts: 2 Member
    RodeoClown wrote:
    The user lost his/her password!? that's THEIR problem.
    It's OUR problem if we want to keep our customers happy ;)

    Not at all! A big disclaimer will do!

    Something like:

    "WARNING!!! IF YOU ACTIVATE THIS FEATURE AND FORGET YOUR PASSWORD, A L L YOUR YNAB DATA WILL BE LOST F O R E V A H!!!"

    If they decide to use it, it's their problem. They're warned, and us, the users who want the feature, will be pleased.
  • RodeoClown Posts: 4,227 Member, Moderator, Administrator, YNAB Team, Beta Tester, Beta Moderator
    We'd LOVE to be able to just do that, but unfortunately, treating your customers like that doesn't end well :D
  • kevman479 Posts: 316 Member, Beta Tester
    The user lost his/her password!? that's THEIR problem.

    I am with Rodeoclown on this one. I have worked with the public enough to know that if you want to get new customers and keep the old ones it is never "THEIR problem".

    I am not trying to be confrontational but if you are keeping things in YNAB that it is not meant to do (keeping passwords and account numbers) then isn't that "your problem"? I am sorry but yea it works both ways.
  • niklasfi Posts: 3 Member
    This thread might be getting a little outdated, but I thought I might add my 2ct:

    I, too find it alarming to know that my data is completely unprotected. Rodeoclown: Are you really saying that adding the extra security is too much of a hassle? As a customer I must say that for me it is much more of a hassle to mount a TrueCrypt container. I see your "I am sorry, but we cannot recover your data. It is lost." point, but on the other hand, it leads to a thread like this, where the blind are leading the blind on how to secure their banking data by password-protecting the executable file regardless of the fact that their data is still completely unencrypted and can therefore be opened by anyone who has a copy of your program. Is this really the way you want it to be?

    When I bought YNAB, I was aware that I was investing in a closed source, proprietary program. I bought YNAB, because I believed in the Good in people, I had faith in your company to make the right decisions. In the free software world, I would branch your project, and would probably attract quite a few users with this feature, but it seems that is impossible.

    Please add this feature as I deem it to be essential. When adding this feature, just add a disclaimer stating "Losing your password equates to deleting all of your budgeting history. Make sure you keep your password safe." I know you want the software to be as accessible as possible, but at this point you are choosing simplicity over security.
  • RodeoClown Posts: 4,227 Member, Moderator, Administrator, YNAB Team, Beta Tester, Beta Moderator
    Unfortunately, just putting a disclaimer does nothing to help in this situation.
    Telling people that something was their fault, and it's just too bad that they lost 5 years worth of budget data means losing customers.

    Your budget is not completely unprotected. The data sitting on your computer is as secure as you make it - you can encrypt the folder it is sitting on if you'd like, and you can add a password to your account so other people can't access it. We don't store any account details, or passwords, so the information in there is not super vital. If that information is in your budget file, then I would highly suggest removing it, and putting it in a SAFE password protecting program (onePass, KeePass, lastPass etc).

    While adding a password is a high priority for you (and I can understand that), for the vast majority of our users it isn't a huge problem. There are workarounds, and even though they aren't built into the program, they are there, and they work. We will almost definitely add this in the future, but it is just not our highest priority at the moment.

    Cheers,
  • niklasfi Posts: 3 Member
    For anyone interested in proper encryption, I now use the following setup:

    My YNAB data is stored in a truecrypt container. Instead of executing ynab directly, I run a small batch file, which mounts the truecrypt container and unmounts it on exit of YNAB. It's actually quite simple.

    Here is a little tutorial on how to set it all up. Be aware that losing the password to the TrueCrypt container equates to deleting all of your budgeting history. Make sure you keep your password safe.

    0. Download and install TrueCrypt from http://www.truecrypt.org/downloads.
    1. Create a file-based TrueCrypt container of an appropriate size. Under http://www.truecrypt.org/docs/tutorial you can find a quick tutorial explaining the steps needed.
    2. Mount the TrueCrypt volume by hand and select a drive letter of your choice. Remember it, as you will need it later.
    3. Move your ynab files ( %UserProfile%\Documents\YNAB ) to the encrypted device.
    4. Start ynab. You will be prompted to select a budget to open. Choose the folder within the encrypted container. Close ynab.
    5. Unmount your TrueCrypt volume.
    6. Place the following code in a file, which you save under the name "ynab.bat". Make sure you get the suffix right.
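    set tcexec="c:\Program Files\TrueCrypt\TrueCrypt.exe"
    set tccont="%UserProfile%\ownCloud\ynab.tc"
    set tcletter="P"
    set ynabexec="D:\Program Files (x86)\Steam\SteamApps\common\YNAB 4\YNAB 4.exe"
    
    rem Mount the container; stop here if mounting fails.
    %tcexec% /v %tccont% /a /l %tcletter% /q || exit /b 1
    rem Run YNAB and wait until it is closed.
    %ynabexec%
    rem Always dismount afterwards, even if YNAB exited with an error code.
    %tcexec% /d %tcletter% /q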
    
    7. Edit the first four lines according to your needs:
      tcexec should point to your TrueCrypt executable
      tccont states where your TrueCrypt container lies
      tcletter gives the letter under which TrueCrypt mounts your container. Set it to the one you used before when you mounted the container by hand.
      ynabexec should be set to the path to the ynab executable

    Everything should work fine now. Instead of starting ynab by double-clicking on the shortcut on your desktop (or anywhere else), make sure to always execute ynab.bat by double-clicking on the file. You should now be prompted for the Password you entered when you created the container.

    p.s.: for those of you who want cloud sync, just place the TrueCrypt container in a synced folder.
  • YYC27 Posts: 1,968 Member, Beta Tester
    niklasfi wrote:
    p.s.: for those of you who want cloud sync, just place the TrueCrypt container in a synced folder.
    I don't think you could make this work with the mobile apps ..
  • niklasfi Posts: 3 Member
    No, but you have (local) wifi sync for those cases, don't you?
  • Ryan524 Posts: 23 Member
    Personally I would like to see better protection by ynab at the file level. I believe I remember reading ynab cloudsync does partial syncing of data that changes rather than having to send the whole file back and forth from dropbox which is a smart way to do it to save on cellular data usage and time. If this is the case I will assume the data file is a key value pair format such as xml. In this case ynab could (and should IMO) encrypt the values using an encryption key derived from a password. So when you start up ynab it would prompt you for your password, it would use something like say a SHA256 hash to generate the encryption key, that would allow ynab to be able to decrypt the data on the computer to display to you but the actual data file would be secure.

    The encrypted values can also be sent back and forth via dropbox and the mobile apps should do the same thing to decrypt the data, also for users who want easier access on the mobile devices give the option to save the password to the device or exchange it for a simpler to enter PIN where you would use a hash of the PIN to encrypt/decrypt the actual password.

    Just a thought on how I think ynab should approach password protection and data encryption. I would definitely welcome any feedback especially from the ynab team on this idea.
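
The password-derived key from the post above and the stored PIN hash from KES's earlier post, as an added example that is not code from YNAB or from any poster. It swaps the single SHA-256 pass for salted PBKDF2-HMAC-SHA256 and stores only a check value; encrypting the budget values themselves would need an authenticated cipher from a crypto library and is not shown. All function names, record fields and the iteration count are assumptions.

```python
import hashlib
import hmac
import secrets
import time

def naive_key(password):
    """The scheme as proposed: one unsalted SHA-256 pass (fast, same key for same password)."""
    return hashlib.sha256(password.encode()).digest()

def _subkeys(password, salt, iterations):
    """Slow salted derivation, then two independent subkeys from the master key."""
    master = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    enc_key = hmac.new(master, b"encrypt", hashlib.sha256).digest()  # never stored
    check = hmac.new(master, b"verify", hashlib.sha256).digest()     # stored in the file
    return enc_key, check

def create_lock(password, iterations=600_000):
    """Return (record to store beside the budget, key to encrypt values with)."""
    salt = secrets.token_bytes(16)
    enc_key, check = _subkeys(password, salt, iterations)
    record = {"kdf": "pbkdf2-hmac-sha256", "iterations": iterations,
              "salt": salt.hex(), "check": check.hex()}
    return record, enc_key

def unlock(record, password):
    """Return the encryption key, or None when the password is wrong."""
    salt = bytes.fromhex(record["salt"])
    enc_key, check = _subkeys(password, salt, record["iterations"])
    if hmac.compare_digest(check, bytes.fromhex(record["check"])):
        return enc_key
    return None

def offline_search_seconds(candidates, iterations):
    """Time one derivation here and scale it to trying every candidate once."""
    start = time.perf_counter()
    _subkeys("0000", b"\x00" * 16, iterations)
    return candidates * (time.perf_counter() - start)

if __name__ == "__main__":
    record, key = create_lock("correct horse battery staple")
    print("stored record:", record)
    print("wrong password ->", unlock(record, "1234"))
    print("right password unlocks:", unlock(record, "correct horse battery staple") == key)
    # A 4-digit PIN has 10**4 values, so a stored check value can be searched
    # offline quickly whatever the hash; the work factor only scales the time.
    print("4-digit PIN, seconds:", round(offline_search_seconds(10**4, 600_000)))
    print("12 chars of a-zA-Z0-9, seconds:", offline_search_seconds(62**12, 600_000))
```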
  • YYC27 Posts: 1,968 Member, Beta Tester
    From what I've seen, the dev team is shy about putting that kind of encryption in because, if you ever lose your password, your data is gone. Forever.
  • Ryan524 Posts: 23 Member
    YYC27 wrote:
    From what I've seen, the dev team is shy about putting that kind of encryption in because, if you ever lose your password, your data is gone. Forever.

    That is a good point but at the same time ynab isn't about the past, it's about the present and future so it's not that hard to start over again. It seems from this and other threads a lot of people want it, I know I would like the peace of mind of having it.