Why was the PasswordKeyer introduced?
We were really tired of managing all our passwords!
Keeping passwords on a piece of paper really is not safe. And keeping them in a mobile phone or in a computer? One too often hears or sees a password app has been compromised... We would not feel safe enough using an app...
So we tried to find and buy a dedicated device for keeping our passwords safe. But we have found only some kinds of “Password Valets” - it would be really annoying to read a password on a funny display and type it by fingers every time...
This is why we decided to develop a new device - the PasswordKeyer!
Our PasswordKeyer can be inserted between the keyboard and the computer. When one is typing (by hand on the keyboard) a password for the first time the PasswordKeyer can be set to “listening mode” and the password (or any other text typed) is automatically stored inside.
And when you need entering the password next time you can easily locate it on PasswordKeyer display, tap on it and it is typed into the computer pretending it comes from the keyboard.
That’s everything... Simple and handy. And safe.
Does it work only for computers?
No, it is not limited to computers only.
The PasswordKeyer emulates a standard PS2/USB keyboard and a standard Bluetooth keyboard. It means it can be connected to almost any smart device - computers, laptops, tablets, smart phones, etc..
Usually there is no need for installing any driver or software.
(...please see below for Bluetooth safety considerations.)
For what a PasswordKeyer can be used? Just for storing passwords?
No, it is not intended for storing passwords only.
It can be used for storing any texts you want keeping safe, having them all the time with you and eventually entering them to a computer simply by one click.
Logins, passwords, web and other addresses, PIN codes, phone numbers, bank card numbers, etc.
And - if you are a busy IT professional - you can even store sequences of commands you are used to enter frequently to servers and other devices.
When it types a password to a web site instead of a human - isn’t it detected as a robot by the site and refused?
No, this cannot happen. The PasswordKeyer makes random delays between characters typed pretending a normal keyboard strokes.
Where are the passwords actually stored? Is it inside the device?
Well, this everything is just about safety. Your passwords should be safe even when you loose your PasswordKeyer. If somebody steal it or so.
Actually nothing is stored directly inside the PasswordKeyer device. Your passwords (and other texts) are stored on an external dongle you can easily remove from a PasswordKeyer and keep it in a safes.
Above these the data are very well crypted on the dongle, of course.
...and are you using a really strong encryption?
We offer two grades of encryption:
The basic grade is an AES-256 cipher which is considered as one of top ciphers. It is really strong enough.
For special usages we can offer two layers encryption. The data already encrypted by AES-256 are crypted again by a special algorithm we are not going to publish publicaly here... ;)
OK, but where is the entry code stored? Isn’t it easily accessible for somebody who steals my device together with my dongle?
There are two entry codes. One is necessary to enter the PasswordKeyer device and the second is for decrypting data stored on the dongle.
It may look strange but these “entry codes” are stored NOWHERE! Only you need to remember the two entry codes for gaining access to your PasswordKeyer device and for decrypting your stored passwords. But these entry codes AREN'T stored inside the PasswordKeyer device or anywhere else!
It is a clever hack known from cryptography theory. Only something known as ‘hash’ is stored inside the device and on the dongle. Using this hash it is possible to distinguish between right or wrong entry code has been entered by a user. But the right code itself is not stored in.
...and these ‘hashes’ are not easily visible for anybody who would own your device...
Above these you can set up a number of wrong tries before the data are erased and are wiped out.
All these sound really good. But what if I am logged into my PasswordKeyer and it is connected to my computer or to my phone? Can a hacker compromise my PasswordKeyer?
There is no way how an attack can reach the PasswordKeyer even when it is connected to a computer as explained in details here. Including considerations about Bluetooth connection which might be considered as maybe not fully safe, but still the attacker cannot reach PasswordKeyer device inside.
What about a spyware running on the target computer?
Yes, this is a problem. If your computer runs a spyware all the strings entered by a PasswordKeyer can leak. The same as all characters you are typing on your keyboard by your fingers...
Is it possible to copy everything stored on a dongle to a computer, edit it using an editor and upload back to the PasswordKeyer?
No and yes...
It is possible to insert the dongle to a computer, it is just a USB stick. But - by default - this USB stick is not even recognized by the computer and the stored passwords cannot be edited directly on it. This is for safety. Stealing the dongle and reading it by a computer does not provide access to passwords and texts stored on the dongle.
But of course an ability to edit stored passwords and texts would be very helpful and handy sometimes. So a special application would be possible for allowing it. A little hardware alongside a computer will be necessary.
Please contact us when you are interested in this handy (but security compromising) option we will discuss.