Password Manager & Web Form Filler Software - PasswordPod

PasswordPod Security

AES Encryption

PasswordPod encrypts your secure data file using AES encryption. AES stands for Advanced Encryption Standard and supersedes the former DES encryption standard. AES is extremely secure and has been approved by the U.S. government for storing top secret data. There is no "back door" and no-one has been able to break into an AES encrypted document. AES is now used extensively throughout the world by organisations that require a high level of data security. AES requires a key, which is derived from the password you supply. An AES key can be 128, 192 or 256 bits long. PasswordPod uses a key length of 256 bits. Information for techies: this implementation processes the 16-byte data blocks in counter mode and uses an HMAC-SHA1 algorithm to derive the key from the password.
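
How a password becomes a 256-bit key with HMAC-SHA1, as an added example that is not PasswordPod's or Dr Gladman's code. It assumes the derivation is PBKDF2 (RFC 2898) with HMAC-SHA1 as the pseudo-random function, which the page does not state; the function names, password, salt and iteration count are constructed for illustration.

```python
import hashlib
import hmac
import struct

def derive_key(password: bytes, salt: bytes, iterations: int, length: int = 32) -> bytes:
    """PBKDF2 (RFC 2898) with HMAC-SHA1, written out block by block."""
    h_len = hashlib.sha1().digest_size       # HMAC-SHA1 yields 20 bytes per call
    blocks = -(-length // h_len)             # ceiling: a 32-byte key needs 2 blocks
    out = b""
    for index in range(1, blocks + 1):
        # U1 = HMAC(password, salt || big-endian 32-bit block index)
        u = hmac.new(password, salt + struct.pack(">I", index), hashlib.sha1).digest()
        block = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            # Un = HMAC(password, Un-1); the block is the XOR of every U value
            u = hmac.new(password, u, hashlib.sha1).digest()
            block ^= int.from_bytes(u, "big")
        out += block.to_bytes(h_len, "big")
    return out[:length]

def matches_reference(password: bytes, salt: bytes, iterations: int, length: int = 32) -> bool:
    """Cross-check the hand-written loop against the standard library."""
    expected = hashlib.pbkdf2_hmac("sha1", password, salt, iterations, length)
    return hmac.compare_digest(derive_key(password, salt, iterations, length), expected)

# Constructed sample values (assumptions, not PasswordPod's real parameters).
SAMPLE_PASSWORD = b"correct horse battery staple"
SAMPLE_SALT = bytes(range(16))
SAMPLE_ITERATIONS = 1000

if __name__ == "__main__":
    key = derive_key(SAMPLE_PASSWORD, SAMPLE_SALT, SAMPLE_ITERATIONS)
    print("key bits:", len(key) * 8)
    print("matches hashlib:", matches_reference(SAMPLE_PASSWORD, SAMPLE_SALT, SAMPLE_ITERATIONS))
    # A different salt gives an unrelated key for the same password.
    print("salt changes key:", key != derive_key(SAMPLE_PASSWORD, b"\xff" * 16, SAMPLE_ITERATIONS))
```

The iteration count multiplies the cost of every password guess, which matters whenever the password is easier to guess than the 256-bit key derived from it.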

If the password is not easily guessable and there is no mathematical weakness in the encryption system, the only thing left for an attacker to do is to execute a brute force attack, in other words to use computers to keep trying different combinations until the required key has been found. This kind of attack has been successful in the past on data encrypted using the older DES encryption system with a 56-bit key, but is not practical for AES, which encrypts data using a key length of at least 128 bits. The following quote from the U.S. National Institute of Standards and Technology (NIST) explains:

In the late 1990s, specialized "DES Cracker" machines were built that could recover a DES key after a few hours. In other words, by trying possible key values, the hardware could determine which key was used to encrypt a message.

Assuming that one could build a machine that could recover a DES key in a second (i.e., try 2^55 keys per second), then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.

PasswordPod uses a tried and tested AES implementation kindly provided by cryptography specialist Dr Brian Gladman. His software is used by many organisations, including WinZip Computing Inc, who received FIPS-197 certification for the AES elements of their WinZip® product.

PasswordPod's Security Measures

PasswordPod always writes encrypted data to the secure data file and never saves data to the file in unencrypted form. To access the data, you must unlock it by entering the master password associated with the file. Once unlocked, the data is held in your computer's memory. When you lock the data, it is wiped from memory and can no longer be viewed from the program. The same process occurs when you exit the program. Fields in windows containing sensitive data are also wiped whenever those windows are closed.

In order to be able to write encrypted data to the file as changes are made without constantly asking for the master password, the password needs to be stored in the computer's memory whilst the data is unlocked. The master password is stored in encrypted form and is only decrypted when it is needed to write data to the file, after which the unencrypted password is wiped from memory again. This is actually more secure than asking you to provide the master password each time.

The values of the data items in your records such as user names or passwords are held in your computer's memory in encrypted form whilst the secure data file is unlocked and are only decrypted for as long as it is necessary, for example to display them on the screen or transfer them to a web page or other document. Therefore, the values of data items that you don't display or copy to a web page or other document never need to be decrypted at all whilst you're using PasswordPod.

The PasswordPod program is itself wrapped in a secure shell to guard against tampering and monitoring.

It doesn't matter if your computer is turned off or loses power suddenly when you're using PasswordPod because the data in your file is encrypted at all times and PasswordPod updates the file every time you change something. If your computer is turned off suddenly and there was no chance to lock the data, this just means that PasswordPod didn't have a chance to wipe the data from memory, but when your computer turns off, the loss of power means that data held in the memory chips fades away anyway.

If you open up the Windows Control Panel and look at the Power Settings, you will see if Hibernation is enabled for your computer. Hibernation (which you can disable) takes a snapshot of your computer's memory, writes it to disk and shuts down your computer. When you restart your computer, the snapshot is used to restore your work so you can carry on from where you left off. There are security implications here, because you don't want your unencrypted data to be written to disk along with everything else if the data happens to be unlocked at the time. To prevent this from happening, PasswordPod detects when your computer is about to enter a sleep or hibernate state and immediately locks your data. Locking the data ensures that your secure data is wiped from memory in advance.

General Security Comments

The security of your data depends on how good your password is. Cutting-edge encryption is useless if your password can be easily guessed by anyone. Please use a phrase rather than a single word and choose one that is easy for you to remember but would be difficult for others to guess. It is best to make use of special keyboard characters in the middle of some of your words to prevent dictionary attacks. Generally, the longer the password the better, but bear in mind that you may have to type it in often, so you need to strike a balance between security and convenience.

An added benefit of using PasswordPod is that you won't have to type your login details into a website each time you visit, which can help protect you against keyloggers and other spyware programs that might try to record the keystrokes sent by your keyboard in order to obtain your website passwords.

If you associate a record with a website, the data from your record will not be transferred to a page whose web address does not match correctly. This can alert you to phishing scams where fake websites are set up to collect personal data for illicit purposes.
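
One strict way to implement such an address check is an exact comparison of scheme, host and port, shown here as an added example that is not PasswordPod's code. The page does not say which matching rule PasswordPod applies; the function names and the URLs on reserved .example/.test names are constructed.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"https": 443, "http": 80}

def origin(url: str):
    """Return (scheme, host, port), or None when the URL has no usable origin."""
    try:
        parts = urlsplit(url.strip())
        port = parts.port                    # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    # hostname drops any "user@" prefix and lower-cases the host for us
    host = (parts.hostname or "").rstrip(".")
    if scheme not in DEFAULT_PORTS or not host:
        return None
    return scheme, host, DEFAULT_PORTS[scheme] if port is None else port

def may_fill(record_url: str, page_url: str) -> bool:
    """Release a record's data only when scheme, host and port all match."""
    saved, current = origin(record_url), origin(page_url)
    return saved is not None and saved == current

# Constructed sample URLs on reserved .example/.test names.
RECORD_URL = "https://bank.example/login"
SAMPLE_PAGES = [
    ("https://bank.example/account?tab=1", True),      # same site, other path
    ("HTTPS://Bank.Example:443/login", True),          # case and default port
    ("http://bank.example/login", False),              # unencrypted scheme
    ("https://bank.example:8443/login", False),        # different port
    ("https://bank.example.login.test/", False),       # saved name used as a prefix
    ("https://bank.example@login.test/", False),       # saved name in the userinfo part
    ("https://login.test/bank.example/login", False),  # saved name in the path
    ("bank.example/login", False),                     # no scheme, no origin
]

def check_samples():
    """Return (url, decision) pairs for the constructed pages above."""
    return [(url, may_fill(RECORD_URL, url)) for url, _ in SAMPLE_PAGES]

if __name__ == "__main__":
    for url, decision in check_samples():
        print("fill " if decision else "block", url)
```

Comparing the parsed host rather than searching the address for the saved name is what makes the prefix, userinfo and path cases fail closed.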