Backup Improvements
B
Blonde Hoverfly
We have found in many cases that backups do not exist for users. If I'm not mistaken, when I talked to support about this, I was told that it only backs up when they change something. Current NIST guidelines recommend using a strong random password with MFA and NOT changing it regularly, so we have many clients that have not added or changed a password in quite some time. I think it would be beneficial, if your system did one of the two items listed below.
- Backup more frequently regardless of changes
- Instead of deleting backups older than a certain time period indiscriminately, only delete if a new backup exists.
In both of these cases, you should not be left with a user that has no backup. IMHO, this changes should be high priority.
Owen Parry
Thanks for the detailed feedback — it’s a great callout.
To clarify: the older (legacy) Password Boss applications did have a limitation where backups only occurred when user data changed. For customers who follow NIST guidance and don’t regularly change passwords, this could result in long gaps between backups.
With the new Password Boss WebApp, this limitation has been fully resolved:
* Backups occur more frequently, independent of whether a user has added or changed items.
* Backup storage is not currently limited, so users maintain consistent backup history.
* The “no backup exists” scenario should no longer occur for users on the WebApp platform.
We appreciate the feedback — and the concerns raised here were one of the reasons we evolved the backup architecture in the new WebApp. If you have users still on older versions, we strongly recommend upgrading to ensure they benefit from the improved backup cadence and retention model.