Confused by Identity Shield settings

  • 10 June 2012
  • 7 replies

I'm confused about the settings for Identity Shield.  There are 3 different sections.
There is the Identity Shield settings tab (DNS, screen capture, man-in-middle, etc)
There is the Protected Application list
There is the Protected Websites list
So, my questions are:
1) If an application is not listed in the Protected Apps list, do any of the settings from the Shield tab or the Protected Websites apply when using that app?
2) Are the Protected Website settings active when using *any* browser?  If not, which browsers are supported?  Must they appear in the Protected Apps list to have this protection?
3) In the Shield Tab settings one option is "prevent programs from accessing protected credentials".  What are protected credentials and where/how are they determined?
4) Similar question to #3 but for the "Allow trusted screen capture programs access to protected screen contents".  Where is the list of trusted screen capture programs and how is it determined what is protected screen contents?
5) The Shields Setting tab and the Protected Website section have some of the same settings.  For example, for phishing and for man-in-the-middle.  Which takes precedence?

Best answer by JimM 13 June 2012, 00:24

View original

7 replies

Userlevel 7
Badge +56
Hello ft33 and Welcome the the Webroot Community Forums,
Have a look at the online help file maybe it will answer some of your Questions?
Uh, no, that didn't help at all.  I had already read that material several times before posting here and I've read it again.  I still don't know the answers to any of the questions I've posed.
Userlevel 7
Badge +56
I will try my best to answer some of your questions!
1. Only Browsers should be in the Protected App list but you can add other programs if you want but it's basically for Web Browsing Security!
2. I know for sure that IE8 & IE9, Firefox 12 & 13, Opera 11.64 and Safari 5 are compatible as to Chrome I don't use it so I think you need to manually add it and the others I'm not sure also only 32bit Browsers are supported at this time maybe except IE9 64bit!
3. And protected Credentials is just what it means online passwords and credit cards or doing any online transactions on HTTPS sites but you can raise HTTP setting to high or Max as I use Max settings!
4. Everything is determined in the Cloud Database I use Hoversnap & Snagit and have no issues but if you use one that is not known to the Cloud Database or some type of Malware that's acts like one it will be blocked!
5. HTTPS is by default set to Max so all would apply and as I said before you can set HTTP to High or Max as I use Max without issues! Also Webroot has set Facebook & Twitter to Max by default to make you safe when entering your Username & Password!
6. In the 3 pictures are my settings!

Userlevel 7
Hi ft33,
1) If an application is not on the protected applications list, it is not protected. Websites are determined based on what we can see from an active application.
2) Supported browsers are IE, Firefox, Chrome, and Opera.  Those are listed here in the help file as well.
3) It prevents untrusted applications from accessing a particular area in the system where credentials are stored. It is discrete from antikeylogging.
4) If it's trusted, that means it has been marked good in our database.  "Protected"  means it is a protected website/application in the foreground.
5) The option under Settings will control it globally but you can control it on a specific type of domain under Protected Websites. The main use case would be to allow a set of URLs past the phishing protection but not past the antimalware protection.
If you have any other quesions, please let us know.  🙂
That helps a lot Jim - thanks.
I'd like to ask some followups to make sure I understand this then if you don't mind.
3) Credentials.  Which credentials are you talking about?  The Windows logon credentials, browser caches for logons, or what exactly?  I'm just trying to understand what is being secured by this setting - it's just a very broad term.
4) Screen Capture.  OK, I think I understand now.  So ... with the initial default Webroot config then only HTTPS sites would have screen capture protection when viewed by a browser (or other application) which is set to "Protect" in the Protected Applications list.  Is that correct?
5) Still a little confused on precedence.  The Protected Websites section comes as default with HTTPS and HTTP categories with settings for phishing, man in the middle, and screen capture.  This pretty much covers ways to access websites (ignoring ftp I suppose).  It seems you just said this Website setting should take precendence. Fair enough. But, when would the global settings from the Shields tab for these 3 items *ever* be used?  Would I have to remove the HTTP or HTTPS categories so that a site then "fell through" to the global settings?
Userlevel 7
3) This is a lot of different stuff - Windows secure storage, cookie information, stored passwords, and saved forms.
4) Yes
5) You can add non-browser applications to the list of Protected Applications as well.  For an application that doesn't use HTTP or HTTPS, the global settings would still apply.  Communication between non-browser applications or other URLs being transmitted on the system is where this would fall into play.
Got it now. Thanks.