Please enable JavaScript to view this site.

Simple Backup Help

Navigation: » No topics above this level «

What does Simple Password Safe do?

 Scroll Prev Top Next More

Simple Password Safe allows you to easily manage passwords for all your accounts.

 

Just start the software, create a strong master password then start adding your account details.

 

 

Who is this software for?

 

This software is intended to be so easy to use that you can use this software even if you think of yourself as someone that doesn't know how to use computers very well.

 

That said, if you're a power user there are options that provide you with more control if you want it, allowing you to create and manage multiple password safes, each with their own master password.

 

 

Where is the password safe stored?

 

The default password safe is stored in <windows drive>\users\<user name>\AppData\local\SoftwareVerify\SimplePasswordSafe\default.pws

 

For example: c:\users\david\AppData\local\SoftwareVerify\SimplePasswordSafe\default.pws

 

 

Can I create and use more than one password safe?

 

Yes.

 

You can create as many password safes as you want.
 
Each password safe can be stored where you want to store it on disk, on a network share, a USB key, an external hard drive. The choice is yours.

 

Each password safe has it's own master password.

 

 

How is the account and password information kept safe?

 

The data for each account is encrypted using Microsoft's Data Protection API using the master password for additional entropy when encrypting the data.

 

A detailed description of this process is provided by Microsoft.

 

It uses proven cryptographic routines, such as the strong Triple-DES algorithm in CBC mode, the strong SHA-1 algorithm, and the PBKDF2 password-based key derivation routine.

It uses proven cryptographic constructs to protect data. All critical data is cryptographically integrity protected, and secret data is wrapped by using standard methods.

It uses large secret sizes to greatly reduce the possibility of brute-force attacks to compromise the secrets.

It uses PBKDF2 with 4000 iterations to increase the work factor of an adversary trying to compromise the password.

It sanity checks MasterKey expiration dates.

It protects all required network communication with Domain Controllers by using mutually authenticated and privacy protected RPC channels.

It minimizes the risk of exposing any secrets, by never writing them to disk and minimizing their exposure in swappable RAM.

It requires Administrator privileges to make any modifications to the DPAPI parameters in the registry.

It uses Windows File Protection to help protect all critical DLLs from online changes even by processes with Administrator privileges.