Upcoming Release 81 will introduce an option for locking down UI access when the program is running in service mode.

Details

In service mode, the program splits the backup engine and its user interface into two separate processes. The engine runs autonomously in the background as a system service, under a service user account. The user interface runs as a regular desktop program, under a desktop user account.

This split allows the UI to be started and stopped at will, with the engine running continuously even when no user is logged in.

When the UI is started, it connects to the engine, at which point the engine starts feeding the UI with updates and the UI sends back control and configuration commands as per user's input.

The change in R81 allows to set the engine to ask for a password when the UI first connects to it. Once enabled, it will cause the program to pop up a password prompt when the UI is opened. No password = no UI. This option is primarily meant for preventing non-admin local users from opening the UI and messing with the setup.

Fine print

1. The password is verified by the engine, meaning that the check is isolated from the desktop user context and can't be worked around without having Admin rights.

2. Salted hash of the password is stored in the engine's config file. The password can be cleared by stopping the service, wiping password hash from the config file and restarting the service. This also requires Admin rights.

3. When the program is being updated, the UI knows how to restart and reconnect back to the service without requesting a password.

Due to how updates work, this is one of more complicated (and interesting!) parts, based on single-use authentication tokens that are issued by the engine to the UI specifically for this case. However it's completely invisible in use.

4. The UI does away with dual password entry fields (enter once, enter again to confirm). Instead, just as many modern UIs do, it allows revealing the password if needed. 5. Don't forget your password.
Made by IO Bureau in Switzerland
Support

Updates
Blog / RSS
Follow Twitter
Reddit
Miscellanea Press kit
Testimonials
Company Imprint

Legal Terms
Privacy