[APP] Passwords Guardian - password keeper

[kiwiguy]

Just found a good password manager program that works well on the A1200 called Passwords Guardian. It is written by a Russian programmer but all menus are in English. It is easier to use than the SecretCodes app recommended in the FAQ's - but I have no idea how strong the encryption is.

Home page is http://www.smpda.com/soft_utilities_03.html

Have attached jar file. Download and rename to remove the ".zip"

EDIT May 1: Do NOT use this program if you really need top security for your passwords. I investigated further by going to the directory where the midlet was installed on my phone and opened the database file using Wordpad and discovered that I could identify my passwords as they are stored in plain text!! So would not use this app for really critical passwords (though the likelihood of someone getting hold of your phone and knowing which directory to go to and then knowing how to open that specific file is probably pretty slim).

A pity as a well-designed app - wonder why the programmer failed to deploy encryption

[gurneek]

'


thanks kiwiman i'l install n c wat can this Guardian can do

[gurneek]

'


hmm kiwiman,

i m impressed that it can make new folder in it, it can search etc

can we hack this ap n make up java app wich can store ur password N other files too which r hidden on mmc...

also we can promt password at startin, let play it reg >>>>>

wat u say??

[kiwiguy]

See my May 1 update in the first post at top of thread. Just discovered this app does not encrypt your password data - so use with care.

[dark_knightvn]

thanks kiwi

[JamesK]

Try this:

http://cellsafe.sourceforge.net/

It takes a bit of work to get the HTTP import working, but once you've figured it out it's pretty good. And the crypto appears to be strong (AES).

The author is working on upgrades, albeit slowly.

Regards,

JamesK

[CLOVIS KKK]

Try this:

http://cellsafe.sourceforge.net/

It takes a bit of work to get the HTTP import working, but once you've figured it out it's pretty good. And the crypto appears to be strong (AES).

The author is working on upgrades, albeit slowly.

Regards,

JamesK

Actually this program uses Blowfish. Blowfish is a good algorithm. Not as strong as Rijndael (AES algorithm) but do the job.

The weakness of this program is not the cryptography. It is the key generation. One can use a dictionary attack over the password (not the encryption) because the key algorithm generation is based on the password (PBE) and is very fast (one MD5 hash and a XOR operation). This is the improvement the author can do: he can apply recursive SHA1 digests -the recommendation is 1000 recursions- instead of the only one pass with MD5.

It is much better and secure then the other application you've found (the other stores the password with the data - and you should never do this).
I can say it does its job very well.

[REMO_ANGEL]

what is the default pass....

[joe2009]

I don't know Old password. Can't change a new pass.