Maximum PC Staff Aug 25, 2009

ID Vault 2009

At A Glance


One of the few ways to prevent pharming attacks.


IE only, buggy, and pricey yearly subscriptions.

Lock up your sensitive data

In the two years since we reviewed the first version of ID Vault, phishing attacks have increased by more than 180 percent, identity theft is up 25 percent, and organized crime has figured out ways to hijack financial sites and DNS servers.

For the most part, putting financial information into a browser is about as safe as walking through Central Park in one of those Chuck Bronson Death Wish movies.

So, you’d think ID Vault would be one of those tools you’d put on a chain and wear around your neck everywhere you go, but it isn’t. For those not up on ID Vault, it’s an encrypted USB key that stores your user names and passwords. If you want to go to your bank, eBay, or Amazon, you plug in the ID Vault and use a virtual keyboard to punch in a code (to thwart key loggers). The ID Vault client on your PC then goes to the site, makes sure you’re actually on a legitimate IP address for that particular website, and logs in for you.

The ID Vault will only work with Internet Explorer—uh, unless it’s IE8.

It sounds like the perfect way to conduct your business without losing sleep over security. Unfortunately, ID Vault 2009 has the same warts it did two years ago. You have to install client software for it to work on a PC and it only works with IE7. The first count could be excused, as you really should never enter sensitive information into someone else’s computer, anyway. But lack of third-party browser support is the killer. And it doesn’t help that the freaking thing doesn’t yet support Internet Explorer 8, which most security conscious people have already adopted. D’oh! IE8 support is expected sometime this summer, but that doesn’t help you out now, does it?

Then there’s the cost. The initial unit costs $49 with one year of service included. An additional year costs $39. We know the product claims to be one of the few ways to prevent pharming (mass router or DNS hijacking), but that’s pretty steep for just 12 months.

Given all these negatives, ID Vault 2009 is a difficult product to recommend for anyone except the truly paranoid who are willing to live with its quirks.


ID Vault 2009

Around the web