Keyring - Easy password management - Page 2

krid · 09/08/2009, 11:14 PM

Thanks to everyone that downloaded the app and especially to those that gave feedback. I found a couple bugs while actually using the app today, so I posted a new version in the gallery. You'll definitely want to upgrade, since one of the bugs is really annoying.

I've added one suggestion to the upcoming features list, and made my intention to include a backup solution clearer. I just started a new job, so new features may be a bit slow for the next month, though bugfixes will be fast (since I'll be using it daily).

Keep the feedback and suggestions coming!

krid · 09/09/2009, 12:55 AM

Tell ya the truth, I hadn't even thought of building a way to import from the old Keyring app. I was just focused on building a usable app, since I've had to carry around my old Treo until I could get the new app working. Since I'd never built a mobile app or (non-web) a GUI app, there was a big learning curve to climb just to get where I am today.

Right now I couldn't build anything that worked on the phone, since Palm doesn't provide any approved API to read files. I'd also have to find a JavaScript DES encryption library, and figure out how to parse the old .pdb format using only JavaScript.

I totally understand the desire for a converter, but I don't think I'll be able to build one any time soon.

krid · 09/09/2009, 01:05 AM

Quote:

Originally Posted by scrupul0us

-Timeout doesnt appear to work... I've set it to 5 seconds and nothing happens... I also closed the app and re-opened it after 5 seconds and no prompt was presented for a password, I was let right in

Hmmm, that's not supposed to happen. I can't get it to work that way. Can you try again, and PM me with the exact steps to reproduce it?

Quote:

Originally Posted by scrupul0us

-A "logout" button would be nice

If you minimize the app, it forgets the password, and if you're looking at a key, it pops the scene back to the main key list. I could add an explicit logout button, but I think that would just clutter the display.

Thanks for the bug report.

gonzo10x · 09/09/2009, 05:51 AM

Thank you so much fo this App, I am so happy that you created it. I was really looking forward to a better password keeper than Splash ID, and so far so good.

Disaster · 09/09/2009, 07:54 AM

Thank you, Dirk.

I've been waiting for a app like this since I moved to the Pre. On the PalmOS I used YAPS (yet another Password Safe.)
MSB Software Engineering - Content - Yaps V2.5
I liked the simplicity of it...and the ability to backup and export to memo...though I just noticed my export got truncated (perhaps memo is too short for the insane amount of passwords I have.)

Here are a few suggestions, in order of importance and possibly ease of coding.
1. Backup to text (encrypted or unencrypted CSV file, user choice.) File located in one of the user directories so it could be easily copied to PC.
2. Desktop app to open encrypted CSV file...or import to other password program that accepts CSV files.)
3. Email backup CSV file.
4. Password generator that encrypts key words. In other words, a combination of account name, user chosen password and KeyRing password would generate an unique encrypted password. This way passwords could be recovered with KeyRing by the user knowing basic info, but the processed password would be highly cryptic.
5. Password cycler. Similar to number 4 but would update the password on at the users request, using the date to increment and encrypt. The user would have the date the password was stored and therefore could recover the unique password. Both the previous and current passwords would be available (for updating purposes.)

I have some art skills and could help with icons. Let me know if you have anything specific in mind.

scrupul0us · 09/09/2009, 08:18 AM

Thanks for the update...

On launch I am now asked for my password when I want to View or Add a new key...

However, I think its still insecure that I can view my keys without entering my master key... My viewpoint is that if someone steals my phone and they open this app and know that I bank with a particular place or am apart of specific websites it gives them options to try for identity theft... If they have to enter a password before they can see ANYTHING it gives them no additional information (mind you I understand at this point they'd be holding my cell phone)

just my .02... love the direction this is going =)

camiller · 09/09/2009, 10:13 AM

Suggest adding the ability to categorize stuff into a folder like structure. I currently use S.T.R.I.P. (Secure Tool for Remembering Important Passwords) on palmOS and use categories to separate things like financial/medical/work/internet. Otherwise I would have a very long single list.

camiller · 09/09/2009, 10:34 AM

Quote:

Originally Posted by getmoneyeveryday

I, myself, kind of like paying for stuff thank you very much. These days it's generally difficult to trust any application that records all of my vitals (credit cards, passwords, account #'s) into some app that can possibly, transmit and leak, all your info to the hands of an intruder but who knows. Maybe so, I don't very often keep all my vitals in SplashID either (so no difference there.) But I feel so much better having it in more than 1 location as backup so that I can send commands to wipe out all stored data in the other location in event that I feel my security is being breached. oh btw.. i require offline backup only.. no wireless server backup. Yeah call me the paranoid type.

Just the other day we saw a story where "paid for" monitoring software designed for parents to keep track of kids activities online was sending data, including chat transcripts, back to the company to then be sold to marketing companies.

Just because you paid for it does not mean it won't do something with your data. Now since krid says he will be making the source available I can be sure by examining that source that it in fact won't be doing anything malicious with my data. Even if you are not technically minded enough to dig through the code, someone will and will report it if there is a problem. Access to the code is the ONLY way to be sure.

ALuckyGuy · 09/09/2009, 10:41 AM

Quote:

Originally Posted by drizek

Why not save the encrypted file as an mp3? That way it gets synced along with music.

That's a clever idea, but you'd need to make sure that the .mp3 file doesn't get played or that the data it stored in a non-playable section of the file.

My car stereo - which can play mp3 files - comes with a warning that playing a non-mp3 file that incidently has a .mp3 file extension can damage the stereo and/or speakers. One shouldn't arbitrarily rename a file to .mp3 because you might accidently play it and then damage your phone or system.

Paladin · 09/09/2009, 12:05 PM

CVS import/export would be GREAT! I use lastpass on all of my PC's and would love to e able to export a CSV file from there into this program.

Paladin · 09/09/2009, 01:14 PM

I just tried this. I thought it somehow would fill in the form for me or allow me to paste it in somehow. Oh well... Maybe in the future?

It will still be useful but I have all my passwords in Strip for PalmOS. I know of no way to export and import all of those i

i

jbg7474 · 09/11/2009, 02:38 PM

Even though there isn't an official backup option right now, is there a file somewhere that we could copy if we have Linux access? I'd love to know that even if I can't use it right away, I have the data in some form.

krid · 09/11/2009, 04:35 PM

Quote:

Originally Posted by jbg7474

Even though there isn't an official backup option right now, is there a file somewhere that we could copy if we have Linux access? I'd love to know that even if I can't use it right away, I have the data in some form.

I'm storing the data in Depot, which probably corresponds to some sqlite file somewhere. I haven't had time to figure out where yet. If you figure it out, I'll be delighted to hear about it.

I have a few ideas on how to kludge something until Palm releases a sane API. I'll try them out this weekend, and hopefully I can whip up something that will tide us over.

jbg7474 · 09/11/2009, 11:30 PM

Quote:

Originally Posted by krid

I'm storing the data in Depot, which probably corresponds to some sqlite file somewhere. I haven't had time to figure out where yet. If you figure it out, I'll be delighted to hear about it.

I have a few ideas on how to kludge something until Palm releases a sane API. I'll try them out this weekend, and hopefully I can whip up something that will tide us over.

I poked around a bit today and the only .db files I could find in the entire filesystem were the ones in /media/internal/.app-storage for drPodder, Shopping List, and something else which escapes me at the moment. I wouldn't call my search exhaustive, though.

I know very little, but in my searching it appears that these applications are still using Depot, but they're storing their databases in /media/internal. This has the dual advantages of making it relatively easy for users to find the file and copy off to their computer and it will also survive a partial erase reset there.

chav1to · 09/13/2009, 02:32 PM

The palm pre has not yet arrived to my country... but I want it so badly... and the biggest (if not the only) drawback was the lack of security on having this type of info in my handheld (which I currently have in a treo180, and yes, that's old)... but with your program you made my decision so much easier...

Good program (I tried it on the emulator), and based on the upcoming features you have listed it will be a great program...

And I also think that the "log off" button would clutter the screen... the automatic timeout option is good enough...

keep the good work

...

gizmo21 · 09/15/2009, 02:40 PM

Quote:

Originally Posted by drizek

Yes, Palm Keyring compatibility would be great. I use keepass on my desktop and it has a keyring converter, so that would give us a way to go from keepass->palmos->webos.

Rob Vonk - KeePass to Keyring converter

Oh any way of getting keepass data to this app would be really great. Over keyring convert or csv import - hope you'll find a way to access files in webos.
Perhaps for the start by direct download of the file off our own https-home server.

I think some keepass mobile j2me apps do it that way. Although not everybody has a lil apache at home

sjlee · 09/17/2009, 12:49 PM

I'm not accusing the developer of anything, but I'm curious if anyone is concerned about putting all their passwords into a Homebrew application?

I wouldn't think it would be too difficult to have code in the program to send the data somewhere else.

fnord · 09/21/2009, 10:40 PM

Quote:

Originally Posted by sjlee

I'm not accusing the developer of anything, but I'm curious if anyone is concerned about putting all their passwords into a Homebrew application?

I wouldn't think it would be too difficult to have code in the program to send the data somewhere else.

Not too hard to write it into the code if you had that intention, but very very difficult to hide it since the code is open source and you can just look at it. I've looked at this code and it doesn't send your usernames/passwords anywhere.

Thanks go to Krid for taking his time to write free software for the Pre community.

P.S. I'm sure Krid would take a donation if it would make you feel better to spend some money.

Scott_L · 09/22/2009, 10:00 AM

So now we need a Firewall for the WebOS. I would like to be able to control what can be xferred to and from whatever device I carry that is always connected. But... that's for another thread.

krid · 09/27/2009, 09:36 PM

I just released a new version, with support for import/export. Right now the simplest way to use it is to export to the clipboard, paste the output (which is an encrypted blob) into an email, and send it to yourself. Or you can download the cheap cgi I wrote, and use that (at your own considerable risk).

There are also a bunch of bugfixes and look & feel improvements, so go grab a copy.

09/08/2009, 11:14 PM	#21 (permalink)
krid Member Join Date: Aug 2009 Location: Silicon Valley Posts: 117 Likes Received: 1 Thanks: 13 Thanked 65 Times in 31 Posts	Thanks for the feedback Thanks to everyone that downloaded the app and especially to those that gave feedback. I found a couple bugs while actually using the app today, so I posted a new version in the gallery. You'll definitely want to upgrade, since one of the bugs is really annoying. I've added one suggestion to the upcoming features list, and made my intention to include a backup solution clearer. I just started a new job, so new features may be a bit slow for the next month, though bugfixes will be fast (since I'll be using it daily). Keep the feedback and suggestions coming!
	Liked by

09/09/2009, 12:55 AM	#22 (permalink)
krid Member Join Date: Aug 2009 Location: Silicon Valley Posts: 117 Likes Received: 1 Thanks: 13 Thanked 65 Times in 31 Posts	Keyring for PalmOS compatibility Tell ya the truth, I hadn't even thought of building a way to import from the old Keyring app. I was just focused on building a usable app, since I've had to carry around my old Treo until I could get the new app working. Since I'd never built a mobile app or (non-web) a GUI app, there was a big learning curve to climb just to get where I am today. Right now I couldn't build anything that worked on the phone, since Palm doesn't provide any approved API to read files. I'd also have to find a JavaScript DES encryption library, and figure out how to parse the old .pdb format using only JavaScript. I totally understand the desire for a converter, but I don't think I'll be able to build one any time soon.
	Liked by

09/09/2009, 05:51 AM	#24 (permalink)
gonzo10x Member Join Date: Jun 2009 Posts: 18 Likes Received: 0 Thanks: 2 Thanked 1 Time in 1 Post	Thank you so much fo this App, I am so happy that you created it. I was really looking forward to a better password keeper than Splash ID, and so far so good.
	Liked by

09/09/2009, 07:54 AM	#25 (permalink)
Disaster Member Join Date: Aug 2005 Posts: 494 Likes Received: 0 Thanks: 0 Thanked 13 Times in 11 Posts	Thank you, Dirk. I've been waiting for a app like this since I moved to the Pre. On the PalmOS I used YAPS (yet another Password Safe.) MSB Software Engineering - Content - Yaps V2.5 I liked the simplicity of it...and the ability to backup and export to memo...though I just noticed my export got truncated (perhaps memo is too short for the insane amount of passwords I have.) Here are a few suggestions, in order of importance and possibly ease of coding. 1. Backup to text (encrypted or unencrypted CSV file, user choice.) File located in one of the user directories so it could be easily copied to PC. 2. Desktop app to open encrypted CSV file...or import to other password program that accepts CSV files.) 3. Email backup CSV file. 4. Password generator that encrypts key words. In other words, a combination of account name, user chosen password and KeyRing password would generate an unique encrypted password. This way passwords could be recovered with KeyRing by the user knowing basic info, but the processed password would be highly cryptic. 5. Password cycler. Similar to number 4 but would update the password on at the users request, using the date to increment and encrypt. The user would have the date the password was stored and therefore could recover the unique password. Both the previous and current passwords would be available (for updating purposes.) I have some art skills and could help with icons. Let me know if you have anything specific in mind.
	Liked by

09/09/2009, 08:18 AM	#26 (permalink)
scrupul0us Member Join Date: Apr 2006 Location: North America Posts: 505 Likes Received: 0 Thanks: 12 Thanked 68 Times in 44 Posts	Thanks for the update... On launch I am now asked for my password when I want to View or Add a new key... However, I think its still insecure that I can view my keys without entering my master key... My viewpoint is that if someone steals my phone and they open this app and know that I bank with a particular place or am apart of specific websites it gives them options to try for identity theft... If they have to enter a password before they can see ANYTHING it gives them no additional information (mind you I understand at this point they'd be holding my cell phone) just my .02... love the direction this is going =)
	Liked by Thanked By: krid

09/09/2009, 10:13 AM	#27 (permalink)
camiller Member Join Date: May 2009 Posts: 119 Likes Received: 3 Thanks: 19 Thanked 10 Times in 9 Posts	Suggest adding the ability to categorize stuff into a folder like structure. I currently use S.T.R.I.P. (Secure Tool for Remembering Important Passwords) on palmOS and use categories to separate things like financial/medical/work/internet. Otherwise I would have a very long single list.
	Liked by

09/09/2009, 12:05 PM	#30 (permalink)
Paladin Member Join Date: Nov 1999 Location: City of Champions!!! Posts: 617 Likes Received: 0 Thanks: 5 Thanked 54 Times in 36 Posts	CVS import/export would be GREAT! I use lastpass on all of my PC's and would love to e able to export a CSV file from there into this program. __________________ Systems Analyst by trade, Drummer by desire and Music Lover by birth. A self proclaimed Geek and gadget nut. ii Did you know: The Pittsburgh Steelers have more championships than 21 other NFL teams combined! Pittsburgh Steelers-6 Time Super Bowl Champions! Pittsburgh Penguins-3 Time Stanley Cup Champions!
	Liked by

09/09/2009, 01:14 PM	#31 (permalink)
Paladin Member Join Date: Nov 1999 Location: City of Champions!!! Posts: 617 Likes Received: 0 Thanks: 5 Thanked 54 Times in 36 Posts	I just tried this. I thought it somehow would fill in the form for me or allow me to paste it in somehow. Oh well... Maybe in the future? It will still be useful but I have all my passwords in Strip for PalmOS. I know of no way to export and import all of those ii __________________ Systems Analyst by trade, Drummer by desire and Music Lover by birth. A self proclaimed Geek and gadget nut. ii Did you know: The Pittsburgh Steelers have more championships than 21 other NFL teams combined! Pittsburgh Steelers-6 Time Super Bowl Champions! Pittsburgh Penguins-3 Time Stanley Cup Champions!
	Liked by

09/11/2009, 02:38 PM	#32 (permalink)
jbg7474 Moderator Join Date: Jan 2009 Location: SW Ohio Posts: 3,858 Likes Received: 92 Thanks: 1,019 Thanked 1,061 Times in 715 Posts	Even though there isn't an official backup option right now, is there a file somewhere that we could copy if we have Linux access? I'd love to know that even if I can't use it right away, I have the data in some form. __________________ Palm III-->Handspring Visor-->Sony Clie PEG-NR70-->no PDA -->Palm Treo 755p-->Palm Pre-->HP Veer
	Liked by

09/13/2009, 02:32 PM	#35 (permalink)
chav1to Member Join Date: Jun 2009 Location: Juarez, Mx Posts: 38 Likes Received: 0 Thanks: 18 Thanked 4 Times in 3 Posts	Great app The palm pre has not yet arrived to my country... but I want it so badly... and the biggest (if not the only) drawback was the lack of security on having this type of info in my handheld (which I currently have in a treo180, and yes, that's old)... but with your program you made my decision so much easier... Good program (I tried it on the emulator), and based on the upcoming features you have listed it will be a great program... And I also think that the "log off" button would clutter the screen... the automatic timeout option is good enough... keep the good work ...
	Liked by

09/17/2009, 12:49 PM	#37 (permalink)
sjlee Member Join Date: Aug 2009 Location: WI Posts: 29 Likes Received: 0 Thanks: 0 Thanked 0 Times in 0 Posts	Any concerns? I'm not accusing the developer of anything, but I'm curious if anyone is concerned about putting all their passwords into a Homebrew application? I wouldn't think it would be too difficult to have code in the program to send the data somewhere else.
	Liked by

09/22/2009, 10:00 AM	#39 (permalink)
Scott_L Member Join Date: Nov 2007 Location: Lost in CT, USA Device: Sprint Treo 755p Posts: 325 Likes Received: 0 Thanks: 29 Thanked 11 Times in 7 Posts	So now we need a Firewall for the WebOS. I would like to be able to control what can be xferred to and from whatever device I carry that is always connected. But... that's for another thread.
	Liked by

09/27/2009, 09:36 PM	#40 (permalink)
krid Member Join Date: Aug 2009 Location: Silicon Valley Posts: 117 Likes Received: 1 Thanks: 13 Thanked 65 Times in 31 Posts	I just released a new version, with support for import/export. Right now the simplest way to use it is to export to the clipboard, paste the output (which is an encrypted blob) into an email, and send it to yourself. Or you can download the cheap cgi I wrote, and use that (at your own considerable risk). There are also a bunch of bugfixes and look & feel improvements, so go grab a copy. __________________ Author of Keyring for webOS - Easy password management on your phone Get Keyring :: Keyring website :: Keyring desktop client :: Keyring bugs :: Desktop client bugs Like what I've done with Keyring? Hire me!
	Liked by

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode