What Encryption is used?

Darn! Passwords keeps your passwords, settings, and other information in a file called a vault file. This information is extracted by the program when it is needed. Darn! Passwords! offers a choice of three levels of protection:

Darn! Passwords! Standard Edition

The Standard Edition of Darn! Passwords! uses compression and encryption similar to that used in a password-protected Zip file. This is sufficient to keep your passwords away from the prying eyes of the average person.

Darn! Passwords! Professional Encrypted Vault

Darn! Passwords! Professional uses Blowfish encryption to protect the contents of your vault file. Blowfish is a secret key block cipher, designed by Bruce Schneier, that operates on 64 bit (8 byte) blocks of data. It uses a variable size key, but typically, 128 bit (16 byte) keys are a considered good for strong encryption. It is currently one of the faster block ciphers.

In an Encrypted Vault the secret key is partly provided by the program, and partly provided by you, and these parts are stored in separate places. The part provided by the program is hidden and based, in part, on the master name and categories you create when you make a "name account." When you create a new safe you will be prompted for your secret key. It can be a sentence or a word. We recommend making it 50 characters or more for added security. You can change your secret key using the Vault Converter utility, but only if you remember the original key.

Darn! Passwords! Professional Encrypted Key Vault

When using an Encrypted Key Vault you must enter the secret key every time you start Darn! Passwords! This key is not stored anywhere on your computer. Thus you must know the key in order to use an Encrypted Key Vault at all. Darn! Passwords! does store a "control phrase." When you enter your secret key, this control phrase is decrypted. If the decrypted phrase is incorrect, the vault is not opened and the program closes.

Given the nature of the world, we cannot guarantee that your vault is absolutely hack-proof. However, these three levels give you a way to make an informed choice about storing your important passwords.

How many people can use the safe?

There is no built in limit.

Is Darn! Passwords! Open Source?

No.

Are there any "back doors" into the program?

No.

What if I lose my password?

Don't do that! Pick something you can easily remember that is not obvious to people you know. We can not help you recover your password. Please don't ask. Better yet, remember that one password!