More About Password Safe
Password Safe allows you to manage your old passwords and to easily and quickly generate, store, organize, retrieve, and use complex new passwords, using password policies that you control. Once stored, your user names and passwords are just a few clicks away.
Using Password Safe you can organize your passwords using your own customizable references—for example, by user ID, category, web site, or location. You can choose to store all your passwords in a single encrypted master password list (an encrypted password database), or use multiple databases to further organize your passwords (work and home, for example). And with its intuitive interface you will be up and running in minutes.
Oh, and the desktop version of Password Safe is freely available under an Open Source approved license. A Linux version (available in source, .deb packages for Debian or Ubuntu or .rpm packages for RedHat-based distributions) is also available. A disk-on-key version is also available.
For customization and commercial support, please contact me.
The Open Source version of Password Safe was originally hosted on SourceForge. Currently the main source repository is on GitHub, with SourceForge serving as a backup repository.
What Makes Password Safe Secure?
So we claim to be secure. Why should you trust us? What steps do we take to back this claim? Well, here are a few:
- Open Source - Most important, you don't have to take our word for it. You can download the source code and inspect it yourself, or have someone else
check it for you. If you're really concerned, you can build the program from the sources you've downloaded and reviewed, instead of the binary files
we build for each release.
- For the files we provide, you can check that they're the ones that we've uploaded, and not tampered with, by checking the
GPG cryptographic signature that's generated for each file.
- Designed by Bruce Schneier - the original version was designed by renowned security expert Bruce Schneier, and we have his
permission to say so.
- No back door / recovery mechanism - there's no way for users (or developers, for that matter) to access the passwords without
the master key.
- Hard to brute-force - In the absence of back doors, an attacker can try a brute-force attack, e.g., using a dictionary.
Password Safe has safeguards in place to make this as hard as possible.
- The master passphrase is never stored in the clear. We store something that is derived from the master passphrase, but hard to calculate.
When you enter your passphrase, we duplicate the calculation and compare the results. Only if the comparison succeeds do we continue
to derive the encryption key from your master passphrase.
- Sensitive memory is kept from swapping to disk.
- All user data is encrypted in memory.
- Memory with sensitive data is wiped as soon as possible.
- File integrity checks: Even if the file's encrypted, it's not necessarily protected against unauthorized modification. Password Safe
implements integrity checks on the file so that an attacker cannot modify it without knowing the master passphrase.
- Reliability: Backups of previous databases are kept by default. The user can configure how many backups to keep and where
to keep them.
- For more details, feel free to contact the authors.
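The passphrase check and the file integrity check described in the list above can be sketched as follows. This is an added example, not Password Safe's own code or file format: PBKDF2-HMAC-SHA256, the iteration count, the dictionary layout, and all function names are assumptions chosen for illustration, and record encryption is left out.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; a real file would store its own count


def stretch(passphrase: str, salt: bytes) -> bytes:
    """Slow, salted derivation so each dictionary guess costs ITERATIONS hashes."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt, ITERATIONS)


def subkey(stretched: bytes, label: bytes) -> bytes:
    """Separate keys for separate purposes, all derived from the stretched secret."""
    return hmac.new(stretched, label, hashlib.sha256).digest()


def create(passphrase: str, records: bytes) -> dict:
    salt = os.urandom(16)
    stretched = stretch(passphrase, salt)
    return {
        "salt": salt,
        # Stored check value: a hash of the stretched secret, never the passphrase.
        "verifier": hashlib.sha256(stretched).digest(),
        "records": records,  # encryption omitted in this sketch
        "tag": hmac.new(subkey(stretched, b"mac"), records, hashlib.sha256).digest(),
    }


def open_db(passphrase: str, db: dict) -> bytes:
    stretched = stretch(passphrase, db["salt"])
    # Repeat the calculation and compare in constant time before deriving any key.
    if not hmac.compare_digest(hashlib.sha256(stretched).digest(), db["verifier"]):
        raise ValueError("wrong passphrase")
    # The tag is keyed by the passphrase, so edits without it cannot be re-tagged.
    expected = hmac.new(subkey(stretched, b"mac"), db["records"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, db["tag"]):
        raise ValueError("database modified")
    return db["records"]
```

Because the tag key comes from the stretched passphrase, changing `records` without knowing the passphrase makes `open_db` fail with "database modified" rather than returning altered data.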