ZippyLock is a free, small and extremely easy to use password management utility. Your password entries are kept in a Triple-DES encrypted 'private file'. ZippyLock uses Windows clipboard to transfer your data into forms (see the Demo at web site). You simply select a password item from a small gadget window and paste it to target form. When you run ZippyLock for the first time, you are prompted to create a new private file to keep your passwords, and asked to specify a MASTER PASSWORD. The MASTER PASSWORD will be used to unlock your private file later on. The private file will be stored on your hard-disk (or a USB Disk). The private file will be Triple-DES encrypted using a unique hash number generated from your MASTER PASSWORD. The hash number too will be encrypted by itself and stored in the same private file along with your encrypted passwords. Your MASTER PASSWORD is not stored anywhere. Your encrypted passwords are not stored anywhere other than the private file. No other auxiliary or reference information is kept in hidden places like registry, WINDOWS directory etc. When you logon with your MASTER PASSWORD or specify your password entries, ZippyLock uses a built-in anti-key-logger agent to prevent spyware secretly recording your key strokes. ZippyLock also uses an anti-clipboard-agent to disable spyware monitoring clipboard transfers. In general TDES with three different keys (3TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3TDES has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. As of 2005, the best attack known on 3TDES requires around 232 known plaintexts, 2113 steps, 290 single DES encryptions, and 288 memory. This is not currently practical.
|