So that all your data are saved securely and protected from access without authority, we have integrated a lot of security technologies into Password Safe.
Following an overview of security technologies used in Password Safe:
• | We only use standardised and absolute safe algorithms. (e.g.: AES, Blowfish, 3DES, etc.). You can choose the algorithm for your data base. We recommend to use the fast and secure standard AES (128-Bit oder 256-Bit key), together with a strong master password. |
• | By hash-algorithms the full strength is used for the encryption. Thus, Brute-Force-Attacks are comlicated. Furthermore after falsely entering three times the data base account will be locked and can be re-locked with a PUK. A Brute-Force-Attack via the login window can therefore be prevented and also defered. |
• | By the use of password policy only secure passwords are accepted, e.g. for the master password of the data base. The password policies can be adjusted to your desires. |
• | Every password array (that means all boxes with asterisk) have an integrated protection. The data are kept encrypted in the memory. The readout of the arrays with "Password Revealer" is not possible, because not the data are in that array, but only asterisks. These password arrays have an additional key logger protection, which refuses access to most of the software-key loggers. Also at many password arrays a screen keyboard is available, which can optionally be used with randomly generated arrangements. |
• | For the automatic password entry via our Script-Engine and shortcuts we have as well integrated a blocker for key logger. |
• | The clipboard is supervised by Password Safe. If you pass data from Password Safe to the clipboard you will be informed about programs, which supervise the clipboard, and you can terminate the action, uniquely allow it, or also license the software permanently/or exclude it. |
• | Security relevant data will be encrypted in the memory (e.g. master password) and also deleted again from the memory securely by overwriting. Same also applies to documents, which will be saved by you on the fixed disc, these will also be deleted securely by the Gutmann-method. |
• | There are many security options for the setting of the display of passwords. So passwords can be generally hidden and only be displayed when actually needed. If you are not at your workplace for a longer time you can have the data base locked. These security options are generally activated. |
• | There are 3 different security zones (private, workplace, public). For each security zone you can adjust all settings and if you are for example at a different PC with a USB stick, you can make use of considerably more exact settings than at your home PC or workplace. |
• | Furthermore we use technologies which avoid that certain programs which are relevant to security can be activated. |
• | Besides the software is protected from external manipulations and in addition digitally signed. |
We are constantly searching for new security technologies, so that we are alway up-to-date with the best available technology.
Despite all these technologies it is important that an active virus protection is installed, because here normally all known software key loggers and destructive programs are cut off from the outset. This should be understood for every PC that is out on the internet. Like for all algorithms the use of a safe master password is very important, so you can forbid from the outset that someone can guess your password or find out by dictionaries (Dictionary-Attack) and Brute-Force-Attacks would take millions of years to calculate the password.
Tips for secure passwords
Sometimes you need a password you can keep in mind, but it should as well be absolutely safe, for example for the master password of the data base. The following guidelines give you some hints, how you can create yourself a safe and as well easy to memorise password.
• | A safe password should at least be 10 characters long. But it is not really safe until 15 characters. |
• | A safe password consists of numbers, punctuation marks and special signs. Moreover it contains upper and lower case. |
• | If you can look up your password in a dictionary, it is not safe enough. Password cracker programs (Brute-Force-Attack) work with such dictionaries and have a crack at their entries systematically. |
• | The own name, names of relatives, the name of the pet, telephone numbers, car numbers, birthdays and other data that can be found out by a research about you are unusable as a password. The same applies to numbers like pi. |
• | Avoid keyboard patterns like asdf and jklö. |
• | Create passwords in which you use the initials from sentence you can easily memorise. "Starting from now I only want to use safe passwords for my PC" makes Sfn1owtuspfmP (additionally here for example I was replaced by 1). |
• | A further way is to mix up numbers and words: K2e9n1n0w2o0r0t1 out of keyword and 29.10.2001. Thereby the date should not be a common birthday. |
|