Acerose Password Vault
Table of Contents:
Change User Name and /or Password
Acerose Password Vault provides you with an easy way to organize and keep all your passwords both safe and secure. In this technological age, passwords are the means of keeping all your on-line assets safe from attack, be they e-mail, retirement accounts, on-line banking, web site control, or tax filings. The problem is that most people use a few easy to remember passwords and then reuse them over and over. If the passwords you use can be found in the dictionary or are the names of persons, places, or things (spelled forward or backward), then they must be considered weak and subject to cracking.
Strong passwords appear as random sequences of letters, numbers, and even punctuation. Such passwords are not subject to cracking by programs that quickly and repeatedly try dictionary words until the right combination is found. The problem with strong passwords is that they are hard to remember and even to create correctly. Acerose Password Vault solves these problems and adds a level of convenience that can’t be found is general purpose encryption software. Consider the following features:
* You only need to remember one strong password or passphrase to open the vault file.
* The vault file is secured from attack using a streaming cipher based on SHA-1 (Secure Hash Algorithm 1). This proven algorithm is at the heart of all Federally approved digital signature schemes and is considered computationally improbable of being cracked. The Acerose Password Vault is available in a 56-bit key version.
* The vault file is kept safe from corruption or deletion using a number of features such as a robust file format, redundant critical fields, and automatic multiple version backup. The Auto backup feature can keep up to 10 versions of your vault file on a local hard drive or a network location. Many other password programs concentrate on security to the exclusion of safety. Security is of little value if even you can’t access your own passwords because of file corruption or deletion.
* Create strong passwords easily with a cryptographic quality password generator. The password generator is highly configurable and graphically displays the approximate strength of the setting you choose.
* The auto manager feature allows many users to run the Acerose Password Vault program from a single network location. The advantage of using a network location is that you have access to your passwords from any PC on the network. Hundreds of users can create and access their passwords without needing to know of or coordinate with other users. Of course, you can run it on a single PC if that’s what you want.
* The multiple action launch lets you launch (open) a web page and copy the corresponding password to the clipboard with a single click. This feature is highly configurable and includes the ability to use scripts as part of the URL, and to clear the clipboard automatically after a selectable delay.
* You can also chain one vault file to another, which lets you separate passwords of one purpose from others using a master vault to open other vaults.
* You can import and export tab or comma delimited files. If you’re already using some means of storing passwords electronically, you may be able to export them from that software into a tab or comma delimited file and then import them into the Acerose Password Vault program.
* Selectable Tray options lets you use the Acerose Password Vault program as a tray application. You can choose to close and/or minimize to the tray, or neither. You can also choose to require a password to view the program’s contents when it’s restored from the tray.
* You can sort all the passwords by any of the six columns just by clicking on the column’s heading. You can select just what columns you want to view as well as their order and width.
The Data Encryption Standard that was used for many years by banks and finical institutions to transfer funds electronically uses 56 -bit encryption. To break a 56-bit password by brute force requires trying each of the 72,057,549,037,927,936 possible keys. It's possible that the first key selected is the correct key, but it's just as likely that it will be the 72,057,549,037,927,936th key selected. On average, half the possible keys have to be tried before coming across the correct one. If an attacker could test one million keys each second, which is well beyond even the fastest personal computer, it would take over 2 years and 3 months to try half the keys. It can be done, but someone has to be very interested in the data that's being protected.
As a U.S. company, Dexadine is subject to U.S. export restrictions, and thus, we have had to limit the encryption strength to 56-bits in order to offer Acerose to the public on the Internet.
Create a Vault File
To create a new vault file enter the User Name you want to use and the Password you want to use. The User Name and Password can be up to 75 characters in length and contain spaces. Once you have entered the User Name and Password, click on Open or Create Vault File near the bottom of the window. When the window pops up asking if you want to create a new password vault file, click Yes. An information window will now display showing you the name of the vault file and the strength of the encryption as well as other important information. Read the information and then click the check box near the bottom left of the screen. When the checkbox is checked, click the Reenter User Name and Password to verify them button. Now reenter the same User Name and Password to verify they were entered correctly.
Once you have reentered your User Name and Password, the vault file window opens. The main menu displayed at the top of that window allows you to customize how the program works. All custom settings are stored in the vault file. This allows any number of users to customize the program without effecting other users' settings.
Open an Existing Vault File
To open an existing vault file just enter your User Name and Password. If a window opens asking if you want to create a new password vault file, that means you didn't enter the User Name and/or Password correctly. The User Name and Password must be entered exactly the same including the case of letters and spaces between words. It's a good idea to write down your User Name and Password until you are confident you can remember them exactly.
The Data Window displays up to six columns of data with the following headings:
Description
User Name
Password
URL
Date
Note
Any of these columns can be shown or hidden using the View menu. The data can be sorted by any column by clicking on its heading. Clicking a second time reverses the order. The columns can be sized by clicking and dragging on the divider between headings. The order of the columns can be changed by dragging and dropping the column headings. All the changes will be retained, except the initial sort, which is always done by the Description.
Click on a record in the Data Window to select it. Only one record can be selected at a time. Once a record is selected you can Edit, Delete, or Launch using the buttons at the top of the window. You can also right click to open a menu which contains the following functions:
Launch
User Name to clipboard
Password to clipboard
Add record
Edit record
Delete record
Copy to add
Passwords are often broken because people use easy to remember words, usually of one case, or just initial caps, and they often use words connected to themselves is some way, such as the name of a pet, relative, place, etc. Even worse, people re-use the same group of a few favorite passwords over and over. They do that so that if they forget a password, they only need to try a few passwords from their favorites list to login, but these week passwords are subject to cracking by password guessing programs that pull words from dictionaries. With the Acerose Password Vault you can use strong passwords and never need to think-up or even remember them again, except for the password that opens the vault file.
The Acerose Password Vault includes a cryptographic quality password generator that can create passwords of over 180-bit strength. Bit is a term used in the binary number system, but and easy way to think of it is that for every bit increase, the strength of the password doubles. That is, 41-bit strength is twice as strong as 40-bits and a 56-bit password is 65,536 times as strong as a 40-bit password.
To select the length of passwords and to specify the character set, click Options on the main menu and then click Password generator options... to open the Password Options dialog. Set the length of the password using the up and down arrow buttons in the Password Length edit box. Check each type of characters you want to include in the set of possible characters. You can also include special characters by checking the Special Characters box and entering the characters you want to include. If you ever expect to type in the password, rather than paste it in, you may want to check the Exclude Characters box. The idea is to exclude characters that look alike such as zero and the letter O, or the number 1 and the upper case letter I or lower case L. As you make selections, a bar graph shows the strength of the resulting passwords. Once you've made your settings, click the OK button to store your settings in the vault file.
The actual passwords are created in the Record Editor dialog. You can also open the Passwords Options dialog from the Record Editor dialog.
The Record Editor dialog is used to add new records (rows) and edit existing records. The dialog can be sized to the full width of your screen and positioned as desired. The position and size of the dialog are saved to the vault file and used the next time you open the Record Editor dialog.
Add New Record
Either click Add on the main menu or right click on the data window to open a popup menu and then click Add record. Either action will open the Record Editor dialog. Fill in any of the fields you want. The Password and URL fields can be copied to the Windows clipboard when you launch, but no field is actually required.
For the Password field you can have the program create a password for you by clicking the Create Password button. You can specify the length and character set of the password by clicking the Options button just below the Password edit box or by clicking Options on the main menu and then clicking Password generator options.
For the URL field you can enter the full URL such as "http://www.dexadine.com" or you can select an appropriate script by clicking one of the radio buttons below the URL edit box. See Launch Setup Options for more information.
With all the fields set the way you want, click the OK button. The record is immediately added to both the vault file and the data window.
Edit Existing Record
Select the record you want to edit in the data window and then either click Edit on the main menu or right click on the data window to open a popup menu and then click Edit record. Either action will open the Record Editor dialog with the selected record's data. Edit any of the fields you want. With all the fields set the way you want, click the OK button. The edited record is immediately changed in both the vault file and the data window.
Copy To Add Record
Sometimes you may want to add records that are very similar to one another. After you have added the first record, click on it in the data window, then right click to open a popup menu and then click Copy to add. This action will open the Record Editor dialog with that record's data, but the status bar at the bottom of the Record Editor dialog states "Edit this record and Add as a New record." This feature allows you to modify an existing record and add is as a new record.
With all the fields set the way you want, click the OK button. The record is immediately added to both the vault file and the data window.
See Delete Records to remove unwanted records.
Keeping your passwords secure is only half the job. It's just as important to keep them safe. The current vault file is always kept in the same folder (directory) as the Acerose Password Vault program, but you can select any other folder for keeping the backup vault files. You can also select from 1 to 10 as the number backup versions to keep.
Each time you add, delete, or edit records (rows), the version of the vault file is incremented. When you exit the program, the auto backup function checks to see if the current file is a newer version than the newest backup, if it is, the existing backup files are all pushed down by 1 and the current vault file is copied to the backup directory as the newest backup file. If the maximum number of backups is exceeded, the oldest backup is overwritten twice with random data, then overwritten a third time with null values, and finally deleted. This secure delete makes it improbable that the file could be recovered by any means, and even if it were, it's still encrypted.
To select auto backup, click Options on the main menu and then click Auto backup options... to open the Auto Backup Options dialog. Click on Automatically back up the vault file to check it. Use the up and down arrows to set the Number of versions of the vault file to keep. The greater the number the safer, but the more disk space used. Next select the backup folder. If possible, select a folder that's on a different physical hard drive then the folder that contains the Acerose Password Vault program. That way, if one hard drive fails, at least one vault file will exist on another hard drive. Finally, click the OK button. All user settings are stored in the vault files themselves. The advantage is that many users can customize the program without changing other users' settings. The disadvantage is that you need configure every vault file you create.
In the unlikely event that you need to restore from backup, use the Recover Data dialog.
One advantage of using a password vault as compared to just an encrypted file, is that most password vault programs allow you to launch the web page directly, just by selecting the record and clicking some button. The Acerose Password Vault takes this idea to the next level by allowing you to perform several actions when you launch, including using scripts with variables for the URL, User Name, and Password.
To open the Launch Setup Options dialog, click Options on the main menu and then click Launch setup options... Whenever you execute a launch from within the program, the options you select in this dialog will be performed.
In the Copy To Clipboard radio group select if you want either the Password or User Name to be copied to the clipboard at launch. Once in the clipboard you can just paste into a web site's form, which is not only faster, but prevents you from typing it in wrong.
If you want a double click on the Data Window to launch the selected record, check the Double click also executes launch checkbox.
If you want to see and confirm a URL before launch, check the Show URL before opening web site checkbox.
If you want the clipboard to automatically be cleared after launching, check the Clear clipboard after checkbox and select the desired time from the drop down box.
You can enter or edit up to three scripts that can be used to launch web pages or programs. These scripts can include the following variables:
%URL% Contains the URL field of the selected record
%UserName% Contains the User Name field of the selected record
%Password% Contains the Password field of the selected record
The default Script #1 is http://%URL% In this case, if the URL field contains www.dexadine.com and Script #1 is selected in the Record Editor dialog, the final URL will be http://www.dexadine.com when launched. Note that each variable starts and ends with the % character and that no spaces are used between variables unless you actually want spaces.
The variable name are not case sensitive and to shorten things a bit you can use the following two letter variable names rather than the full names:
%UR% Same as %URL%
%UN% Same as %UserName%
%PW% Same as %Password%
The default Script #2 is https://%URL% which is used for secure web pages. Of course you can change the scripts to whatever you want. For example, some web sites allow you to pass the user name and password as part of the URL. A script of this type would look something like what follows:
https://%UR%?name=%UN%&password=%PW%
If you are not comfortable using scripts just select Launch Using URL Field when entering the URL field in the Record Editor dialog.
By default the program closes and minimizes normally, but you can select to have the program close and/or minimize to the system tray. These are the little icons on the opposite end of the task bar from the Start button. Once in the tray, you can open the program again be either double clicking on its icon or right clicking and selecting Restore from the popup menu.
You can also require a password to reopen the vault. This Restore Password can be much shorter than your normal password, as it's only valid after you have already opened the vault file. It's a handy way of keeping the vault at the ready without having to reenter your normal password.
To set the Tray Icon Options, click Options on the main menu and then click on Tray icon options... to open the Tray Icon Options dialog. Check the options you want, and if you check Require password to restore program then enter a Restore Password. You are not asked to reenter the password as it's not critical. If you forget your restore password, just right click the tray icon and select Close from the popup menu. Then start the program again and enter your normal Uses Name and Password to open the vault file. Now you can open the Tray Icon Options dialog and view or change your Restore Password.
To close the program so that it not in the tray, either right click the tray icon and select Close from the popup menu or click File on the main menu and then click on Exit.
Change User Name and /or Password
You can change the User Name or the Password or both by clicking Options on the main menu and then clicking Change User Name or Password... With the dialog open, check Change To New User Name and/or Change To New Password. Enter the new User Name and/or New Password. If Conceal Password is checked, you must enter the New Password a second time.
If you want to free some extra disk space, check Delete backup files for the old User Name and Password. These files will then be securely deleted so that they can't be recovered.
With everything set, click the Change button. The program will display a summary of the changes and allow you to confirm or cancel the changes. Click OK to execute the changes.
When you change the User Name and/or Password the auto administrator changes the name of the vault file. If you want to know what that name is, click File on the main menu and then click Vault file information.
If you want to copy the current vault file to another folder, either to back it up or to put it on removable media, click File on the main menu and then click Copy vault to... With the Copy Vault dialog open, enter or browse for the folder you want to copy to, then click the OK button. The program will display a summary of the action and ask you to confirm or cancel. To confirm, click the OK button.
This feature allows you to export any or all fields (columns) for all records (rows) in the currently open vault file to a text file using either tabs, commas, or pipe characters to separate the fields. Once exported, you can print or edit the text file using any text editor. These same files can also be imported.
The first step is to select all the fields you want to export by opening the View menu on the main menu and making sure there's a checkmark by each field you want to export. Only the checked fields will be exported.
Next, click File on the main menu and then click Export records... to open the Export Records dialog. Note that all selected fields are displayed near the top of the window in the order they will be exported. If you want to change the order, simply drag and drop the fields to the left or right. Once the fields are setup, select the delimiter character. Note that the delimiter character must not be used in any of the records, thus, the tab character is usually the best choice. Finally, enter or browse for the file you want to export to and then click the OK button.
Note that the records are exported in the order they exist in the vault file, not how they are sorted in the data window. If any of the URL fields use scripts, the field will be translated and then exported.
Many programs, including the Acerose Password Vault, can export records (rows) to comma or tab delimited (separated) files. This makes it easy to move data from other programs or from one vault file to another vault file.
Before importing records, open the file you want to import with a text editor like Notepad and determine what fields (columns) are included, the order of the fields, and the character that is being used to separate (delimit) the fields. Once you have that information, click the View menu on the main menu and make sure there's a checkmark by each field you want to import.
Next, click File on the main menu and then click Import records... to open the Import Records dialog. Note that all selected fields are displayed near the top of the window in the order they will be imported. If you need to change the order, simply drag and drop the fields to the left or right. The number and order of the fields must exactly match those in the file you want to import. Once the fields are setup, select the delimiter character. Note that the delimiter character must be what's actually used in the file you want to import. Finally, enter or browse for the file you want to import to and then click the OK button.
An information window pops up informing you that the imported records have not been saved to the vault file yet. This lets you examine what was imported, and if it's not correct, exit the program without saving the imported records to the vault file.
This feature works in conjunction with the Auto Backup function to recover data in the unlikely event that the current vault file becomes corrupt. The usual reason you may want to use this feature is that you inadvertently deleted a record.
Assuming you have selected Auto Backup, you can load in a prior version of the file by clicking File on the main menu and then clicking Records recover... to open the Recover Data dialog. Once the dialog is open, click on the backup you want to load (usually #1) and then click the Load button. That file will be loaded and a message displays informing you how to save the backup as the current file. Click OK to close that message and then inspect the records. If you don't want to make them the current file, open the Recover Data dialog again and select and load the Current Vault File or another backup file. To make a backup file you have loaded the current file, click on either Add or Edit on the main menu and then click the Yes button when you are asked to confirm. The records will be stored to the current vault file.
Records can be deleted one at a time by clicking on the record in the Data Window to select it and then clicking on the Delete button at the top of the window. As a security feature, the record in the file is first overwritten and then deleted, which prevents it's recovery. Once the record is deleted, the vault file is reloaded.