encryption – idStar.org

I posted earlier about Splash ID – a product I was going to test out to secure my sensitive data on the desktop and sync it with my smartphone so it was available to me on the go, also in an encrypted, password protected manner.

Well, I’ve tried Splash ID and I loved it so much I bought the $30 US utility. I get a desktop application that lets me enter in sensitive data, using categories (e.g. “Personal”, “Business”) into types (e.g. “Credit Card”, “Bank Account”, “Web Login”, etc.). In both cases, you can define your own types and categories. Each type is a template of the kind of information you store in that type. For example, “Credit Card” types have a field call “card number”, “expiry date” and so on. You get to customize these too.

Additionally, you can set fields to be “masked”. This means that even though you type in a password on your handheld to access this information, the sensitive info shows up as little circles until and unless you toggle the “mask/unmask” button. This protects you from eyes peering over your shoulder.

The amount of usability and thought that went into this tool is impressive. By entering everything in on your desktop, you get to easily sync it with your handheld or smartphone. It’s great to use on the desktop too, especially if you do a lot of Internet commerce.

Even if you just need to store passwords for work, home, the bank and more traditional items like these, Splash ID is a great place to put it all.

I highly, highly recommend it.

This has always been a pain with so many passwords, logins and other sensitive information to manage that you just can’t keep in your head anymore. What to do?

It used to be that folks stored sensitive login information in a Word document, and put a password on that (which MS Word lets you do). The problem today is that you can buy $50 software quite easily that will break this weak encryption, which was never meant to be bulletproof. Furthermore, even if you had a heavy duty PocketPC PDA or SmartPhone, you have the same breakable encryption problem or your mobile device.

I am experimenting with a program called FineCrypt that is freeware at the basic levels and acts like a secure zip archive. It’s not as intuitive or seamless as I’d like it to be, but it may just do the job on the desktop.

I want to eventually keep login info on a smart phone (likely a Treo 600/650 soon) and friends of mine already want to do this now. So I looked into it. I’ve not tried anything as yet, but I am intrigued by Splash ID. It’s available for PocketPC and PalmOS and has both a mobile and desktop client (both Windows and Mac!). You can define custom fields to protect and record data in, and it is all protected with 256-bit blowfish encryption (the algorithm Bruce Schneier of Counterpane Internet Security devised – and he’s quite the guru on the subject).