pwSafe Cloud¶
pwSafe Cloud is a couple of optional internet services which improve pwSafe.
We designed pwSafe Cloud to make pwSafe more convenient and more secure.
Cloud Memory¶
The Problem¶
Even if you select a long time to keep your safe open, pwSafe isn't able to respect it. By design, we choose security over usability, and force your to re-enter your password when re-launching the app.
The reason behind this is that, when iOS needs more memory for a foreground app, it removes backgrounded apps from memory. When this happens to pwSafe, your safe's password is also removed from memory. To be able to recover it upon re-launching, pwSafe would need to save it on the device's permanent storage. Of course we could encrypt your password, but pwSafe would then need to have access to the encryption key when restarting. We could also save the encryption key and encrypted password on the device's KeyChain, but that would only make it harder, not impossible, for someone which got hold of your device to be able to crack your safe open even after the time you've chosen has elapsed.
If we could set an expiration date on a KeyChain password, which we currently can't, setting a very long time (in the order of days instead of minutes) on your safe would still be very insecure, because, during that period, any attacker would easily get hold of your safe's content.
The solution¶
Cloud Memory is a cloud service which fixes both issues. Here's how it works:
First, when pwSafe is closed with an open safe, it will encrypt the safe password with a freshly generated random key, and store the encrypted password on the device's Keychain. That random key is then sent to our servers, along with its expiration date. When pwSafe is re-launched, it asks the server for the keys it has saved, and the server only includes non-expired keys back in its reply. With those keys, pwSafe then unlocks your previously unlocked safes, in a seamless experience.
This means we don't have access to your safe's password at any time. Even if we were served a court-order asking for your safe password, we wouldn't be able to comply. This also means the period of time you set is respected, because it's enforced by our always-on servers. We even remove expired keys from our database periodically.
Finally, when you register your device with pwSafe Cloud, you'll also get a link which, when clicked, immediately clears all keys for that device from our database. If your device is ever lost or stolen, you can open the confirmation email and click this from any computer and be assured that your passwords are secure.
If you have any doubts, please contact us and we'll be glad to clarify any doubts you might have on Cloud Memory.
Cloud Backups¶
The Problem¶
You can't lose your passwords, even if you make a mistake.
iCloud is great for syncing, but if you accidentally change your safe in an undesirable manner, there's no coming back, it only saves the two most recent versions of your safe. Dropbox may help with that by means of their File Versions feature, but unless you buy their Extended Version History optional add-on, there are no guarantees after 30 days.
It could also be that you prefer to stay away from Apple and Dropbox because of privacy concerns, and use Local safes instead. Then, the only backup lies on your device, or on your computer if you use iTunes for syncing.
The solution¶
Cloud Backups is a cloud service which stores unlimited backups of your safes on our servers.
We store your safes' copies exactly the way they are stored on your device: fully encrypted by your passphrase. This means even if a hacker successfully attacked us and got hold of your data, there's nothing they could do except try to brute-force your password, i.e., try all possible passwords until they find the right one.
Here's some extra information on the way we store and protect your data:
- Safes are stored on Microsoft Azure Storage.
- We use an Azure fully private container. When uploading a safe, pwSafe gets a token which is good for 59 minutes. When downloading (restoring), the token expires in 30 minutes.
- Safes are stored on two geographically distinct sites, so as to protect your data against a disaster-like scenario.
- You can delete all versions or any single version of a safe any time you want. When you do that, we don't just mark it as deleted, we effectively remove it from storage. At this point, it is subject to Microsoft's Azure policies on deleted data and backups.
- All backups are kept indefinitely. To safeguard the pwSafe Cloud, the total storage space is limited as detailed in the Terms of Use. This limit has never been reached, not even by power users of the app.
If you have any doubts, please contact us and we'll be glad to clarify any doubts you might have on Cloud Backups.
Terms of Use¶
The services of pwSafe Cloud are subject to our Terms of use
pwSafe Cloud FAQ¶
To improve your support experience, frequently asked questions (with answers) have been integrated in our Help Center.
Header image by Seiichiro Hazama