Password Safe

Original author(s) Bruce Schneier
Developer(s) Rony Shapiro, volunteers [1]
Initial release January 15, 2002
Stable release 3.66.1 / June 4, 2024 [2]
Written in C++
Operating system Microsoft Windows, Android, Linux (beta)
Size 17.0 MB
Available in 17 languages
Type Password manager
License Artistic-2.0
Website www.pwsafe.org

Password Safe is a free and open-source password manager program originally written for Microsoft Windows but supporting a wide array of operating systems, with compatible clients available for Linux, FreeBSD, Android, iOS, BlackBerry and other operating systems.

History

The program was initiated by Bruce Schneier at Counterpane Systems. [3] As of 2024 the program is maintained on GitHub by a group of volunteers. [4] [5]

Design

After filling in the master password the user has access to all account data entered and saved previously. The data can be organized by categories, searched, and sorted based on references which are easy for the user to remember. [6]

There are various key combinations and mouse clicks to copy parts of the stored data (password, email, username etc.), or use the autofill feature (for filling forms). The program can be set to minimize automatically after a period of idle time and clear the clipboard. It is possible to compare and synchronize (merge) two different password databases. The program can be set up to generate automatic backups.

Password Safe does not support database sharing, but the single-file database can be shared by any external sharing method (for example Syncthing, Dropbox etc.). The password database is not stored online.

Features

Note: All uncited information in this section is sourced from the official Help file included with the application.

Password management

Stored passwords can be sectioned into groups and subgroups in a tree structure.

Changes to entries can be tracked, including a history of previous passwords, the creation time, modification time, last access time, and expiration time of each password stored. Text notes can be entered with the password details.

Import and export

The password list can be exported to various file formats including TXT, XML and previous versions of Password Safe. Password Safe also supports importing these files.

Password Safe supports importing TXT and CSV files which were exported from KeePass version 1.x (V1). KeePass version 2.x (V2) allows databases to be exported as a KeePass V1 database, which in turn can be imported to Password Safe.

Password Safe cannot directly import an XML file exported by KeePass V1 or V2, as the fields are too different. However, the Help file provides instructions for processing an exported XML file with one of multiple XSLT files (included with Password Safe) which will produce a Password Safe compatible XML file that can then be imported.

File encryption

Password Safe can encrypt any file using a key derived from a passphrase provided by the user through the command-line interface.

Password generator

The software features a built-in password generator that generates random passwords. The user may also designate parameters for password generation (length, character set, etc.), creating a "Named Password Policy" by which different passwords can be created.

Cryptography

The original Password Safe was built on Bruce Schneier's Blowfish encryption algorithm. Rony Shapiro implemented Twofish encryption along with other improvements to the 3.xx series of Password Safe. [7] The keys are derived using an equivalent of PBKDF2 with SHA-256 and a configurable number of iterations, currently set at 2048. [8] [9]

A 2012 paper analysing the database formats of various password storage programs for security vulnerabilities found that the format used by Password Safe (version 3 format) was the most resistant to various cryptographic attacks. [10]
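
The key-stretching step described above can be exercised with standard PBKDF2-HMAC-SHA256, shown here as an added example that is not Password Safe's own code or file format. The record layout, the 32-byte salt and the function names are assumptions made for illustration; the 2048 iterations are the figure quoted above.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 2048   # iteration count quoted in the article
SALT_LEN = 32       # assumption: salt size chosen for this example
KEY_LEN = 32        # 256-bit key, a size Twofish accepts


def derive_key(passphrase: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Stretch a passphrase with standard PBKDF2-HMAC-SHA256 (the stand-in used here)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, iterations, dklen=KEY_LEN)


def new_record(passphrase: str, iterations: int = ITERATIONS) -> dict:
    """Create the public parameters kept beside an encrypted database (hypothetical layout)."""
    salt = os.urandom(SALT_LEN)
    key = derive_key(passphrase, salt, iterations)
    # Store a hash of the key, never the key, so a wrong passphrase is detected early.
    return {"salt": salt, "iterations": iterations, "check": hashlib.sha256(key).digest()}


def unlock(record: dict, passphrase: str):
    """Return the key if the passphrase matches the stored check value, else None."""
    key = derive_key(passphrase, record["salt"], record["iterations"])
    ok = hmac.compare_digest(hashlib.sha256(key).digest(), record["check"])
    return key if ok else None


def raise_work_factor(record: dict, passphrase: str, iterations: int) -> dict:
    """Re-stretch under a higher iteration count; requires the correct passphrase."""
    if unlock(record, passphrase) is None:
        raise ValueError("wrong passphrase")
    if iterations <= record["iterations"]:
        raise ValueError("iteration count must increase")
    # A real store would also re-encrypt its data under the newly derived key.
    return new_record(passphrase, iterations)


def seconds_per_guess(iterations: int, rounds: int = 5) -> float:
    """Measure the cost one passphrase guess imposes at this iteration count."""
    salt = os.urandom(SALT_LEN)
    start = time.perf_counter()
    for _ in range(rounds):
        derive_key("constructed-sample-passphrase", salt, iterations)
    return (time.perf_counter() - start) / rounds
```

`seconds_per_guess` lets a defender compare candidate iteration counts on their own hardware before raising the work factor.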

Reception

Reviewers have highlighted the program's simplicity as its best feature. [11]

References

  1. "Members".
  2. "Password Safe - Latest News".
  3. "Password Safe Product Review". NMRC. Retrieved 2010-04-29.
  4. "PasswordSafe". GitHub. Retrieved 2021-03-31.
  5. "Password Safe | Encryption Download". PCWorld. Archived from the original on 2010-10-27. Retrieved 2010-04-29.
  6. "Password Safe Review: Make Password Retrieval Easier". Brighthub.com. 2009-10-31. Retrieved 2010-04-29.
  7. "WineHQ – Password Safe". WineHQ.org. Retrieved 2013-02-07.
  8. Shapiro, Rony (2013-02-05). "Master Key Generation from Master Password". Retrieved November 29, 2014.
  9. Shapiro, Rony (2013-01-08). "PasswordSafe database format description version 3.29".
  10. Gasti, Paolo; Rasmussen, Kasper B. (2012). "On the Security of Password Manager Database Formats" (PDF). Computer Security – ESORICS 2012. Lecture Notes in Computer Science. Vol. 7459. pp. 770–787. CiteSeerX 10.1.1.933.5924. doi:10.1007/978-3-642-33167-1_44. ISBN 978-3-642-33166-4.
  11. "Password Safe review". Software-Today.com. Archived from the original on 2011-07-16. Retrieved 2011-08-01.