|
Security.
- Integrated keystroke and mouse clicks capturing protection.
Anti-spyware protect the LSN Password Safe, both usual and screen keyboard. Anti-spyware does not require installation into the system and run with the program, by this way you can use this program relatively safe on another computer (for example, from a flash drive).
Verify the effectiveness of anti-spyware using special programs - testers. For example, you can use the AKLT.exe from http://www.snapfiles.com/get/antikeyloggertester.html. This program consists of 7 methods to intercept input from the keyboard. You can check that none of these methods can not get the text typed on the keyboard in secure windows of LSN Password Safe.
The anti-spyware for mouse events we tested using our own program, which intercepts mouse events in several different ways, including various hooks and scanning - the most used in spyware. The testing showed none of the method implemented doesn't allow to recieve the correct sequence and the coordinates of mouse clicks.
- Windows text capturing protection. (up)
Everyone noticed the asterisks in the windows of a password input, but not everyone knows the information hidden behind the asterisks of standard windows can be read, in a few different ways. Some functions can take the text from the text input box, or copy it to the clipboard, or open a window - removing the asterisks. Our windows are protected from all of these options. We tested it.
- Memory protection (run-time encoding and wiping). (up)
To protect the memory from unauthorized reading we use two technologies.
1. All the data in record, including passwords, is almost always the run-time encrypted, even at run-time.
2. Is becoming free the program wipes dynamically allocated memory getting free. For this reason, geting process memory dump or reading uninitialized memory by another process is out of meaning.
- Integrated Captcha against emulators. (up)
Software emulator can do (emulate) the actions of people at the computer, for example, clicking the mouse buttons within a window, pushing the window buttons or the keyboard keys. Of course, there are the virtual actions, not physical. All these actions can happen quickly, so that the user will not be able to notice anything. Such programs are not widely known, however, when impossible other spying, this may be applied. Program LSN Password Safe is protected from this threat by Captcha. This is a well-known technology in the Internet. A particular case of Captcha - a picture with the numbers that you must type on the keyboard. The number in the picture is usually recognized by humans with ease, but a good Captcha - not avoidable task for computer.
- File protection and data theft prevention. (up)
In LSN Password Safe realized strong protection of files with data from theft. If a data file to be stolen, it will not be able to open and decrypt on another drive, even if they know the correct password. Choose a random password is also unrealistic, even if the original password was very easy. The point is that the structure of the file depends on the physical and logical parameters of the drive on which the file was recorded at the program. Accordingly, file on another disk can not be decrypted. For the same reason to copy a data file to another disk, you can only at the program itself. Otherwise, you will not open the file.
WARNING !!! This option will not work with SSD drives. File recorded on the SSD drive can be read on any other SSD drive, if you know the password.
- Secure work on another computer. (up)
Since all the security systems included in the program does not require the installation and run with the program, you can run the program from USB Flash Drive on any computer with maximum security. As mentioned above - the theft of a file on your USB Flash Drive is of no use. Nevertheless, on another computer, do not open important records and do not copy or drag-and-drop important passwords.
- The synchronization of files on multiple drives for data loss protect. (up)
For reliable data storage there must be at least two copies on different disks - for example, one on your hard disk, the another - on USB Flash Drive. In this case, data will not be lost even if the hard disk is broken or USB Flash Drive lost. The system automatically synchronize the files on different drives at the actual state. For example, you may edit the file to USB Flash Drive by running the program with USB Flash Drive to another computer. As soon as USB Flash Drive is connected with your computer and any file from the list of synchronization open, all available files from the list will be updated.
- The backup will protect your data from any errors. (up)
The backup protects against possible errors, both users and the author of the program. If a data file is damaged, you could open one of the backup copies and work with it.
- Clipboard protection. (up)
Clipboard is locked for the master password. Another passwords protected by Captcha.
- Drag-and-drop secure fill for text fields. (up)
When you drag the passwords or other text from the LSN Password Safe, the text can not be intercepted neither by the clipboard spy nor by keylogger nor Drag-and-Drop spy.
- Secure virtual (screen) keyboard. (up)
"Secure" - usually is written about any screen keyboard, but it is not always true. There are a great number of methods to get the data entered by the screen keyboard.
Some of them are:
- Getting the picture on the screen (if you can see how the buttons are pressed on screen keyboard).
- Reading entered passwords from the window with asterisks.
- Getting the coordinates of the mouse clicks on screen keyboard.
We tested the screen keyboards of popular password managers - could not find any, that protected against all known variants of unauthorized access. Many of these keyboards has not any protection, ie, unauthorized access is possible for any of the listed methods.
Our screen keyboard with the enabled AntiLoggers, protects against all of the listed spy methods.
Moreover, on our screen (virtual) keyboard you have two ways to type the text: by clicking on the images of keys or pressing the keys of a real keyboard. Thus, it is possible, for example, to type half of the password by pressing the keys of real keyboard, and the other half - by mouse clicks. The combination of the two ways when you enter a password is the most difficult for spyware. Just stop to think of it - to obtain the password, spyware must copy the image from the screen, to hook a keyboard input and a mouse events - and all of this while the AntiLoggers on work!
- Encryption algorithms. (up)
In the program are 4 encryption algorithms: Serpent, AES (Advanced Encryption Standard, key size 256, block size 128), Blowfish and non-standard encryption algorithm (stream-type, written specifically for this program). You can choose any algorithm (or algorithms) to encrypt the file. If you select several algorithms (recommended), then the file is encrypted by all selected algorithms, using a unique key for each algoritm. Unique keys are formed using different hash functions: Tiger, SHA-1, MD5 and non-standard. Each next cipher gets the key as the previous key hash.
- A multiple mode may not be weaker than its strongest component, if the component keys are chosen independently. (Eli Biham)
You can choose number of Key encryption rounds (using the algorithm AES). Key is a hash sum of the password. Each encryption round take a time. It works against dictionary attack. Use [<< Auto Fill] to set 0.1 second delay for encryption rounds (recommended).
- Sheme of cascade encryption: (up)
Key encryptions:
Password -> SHA-1 -> (AES x N Key encryption rounds) = Key1
Key1 -> Non-standart key hash = Key2
Key2 -> MD5 = Key3
Key3 -> SHA-1 = Key4
Key4 -> Tiger = Key5
Data encryptions:
Data -> Key2 + Non-standart data encription = Data2
Data2 -> Key3 + Blowfish = Data3
Data3 -> Key4 + AES = Data4
Data4 -> Key5 + Serpent = Data5
|
|
|
