or Connect
AppleInsider › Forums › Software › Mac Software › Security review for Mac password storage application?
New Posts  All Forums:Forum Nav:

Security review for Mac password storage application?

post #1 of 4
Thread Starter 
I'm considering the Mac password vault called Data Guardian.
How can I be assured that the encryption is implemented properly?
post #2 of 4
Quote:
Originally Posted by Timmmy View Post

How can I be assured that the encryption is implemented properly?

You can't really until you can see the source code of the implementation they use and be able to determine that their algorithms are sound. What you can do is use a program that allows you to relocate the program's database - 1 password has this feature:

http://help.agilebits.com/1Password3...ox_on_mac.html

You can then move the database onto a read/write encrypted disk image (but again, you have to trust that the encrypted disk image developers implemented their algorithms correctly too). I would expect that even if the encryption implementations in some programs are flawed, they will still provide adequate security. They are only as secure as the password you use to encrypt them anyway.
post #3 of 4
Thread Starter 
Funny that you mentioned 1Password.
One of the reasons that I won't use it is because its file format does NOT encrypt everything.
It leaves the title of each entry in plaintext.

But, even if I had the source code for an app, I don't have the programming knowledge to understand it...
post #4 of 4
Thread Starter 
Actually, I have looked at SlpashID and I definitely don't like it.
It doesn't use the standard MacOS document paradigm. Instead it implements its own multi-user/multi-database system which is not consistent with the Mac OS document model.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac Software
AppleInsider › Forums › Software › Mac Software › Security review for Mac password storage application?