Password Safe
{{short description|Free password manager by Bruce Schneier}}
{{ infobox software
| logo = Password Safe logo.gif
| screenshot = File:About box Password Safe V3.54.01 20201227.png
| caption = The About box of Password Safe
| author = Bruce Schneier
| developer = Rony Shapiro, volunteers{{Cite web|url=http://sourceforge.net/p/passwordsafe/_members/|title = Members}}
| released = {{Start date|2002|01|15}}
| latest_release_version = 3.67.0
| latest_release_date = {{Release date and age|2024|10|20|df=no|br=yes}}{{Cite web|url=https://pwsafe.org/news.shtml|title = Password Safe - Latest News}}
| operating_system = Microsoft Windows, Android, Linux (beta)
| programming_language = C++
| size = 17.0 MB
| language count = 17
| genre = Password manager
| license = Artistic-2.0
| website = {{URL|https://www.pwsafe.org}}
}}
Password Safe is a free and open-source password manager program originally written for Microsoft Windows but supporting a wide array of operating systems, with compatible clients available for Linux, FreeBSD, Android, IOS, BlackBerry and other operating systems.
History
The program was initiated by Bruce Schneier at Counterpane Systems.{{cite web|url=http://www.nmrc.org/pub/review/psafe-1.7.html |title=Password Safe Product Review |publisher=NMRC |date= |accessdate=2010-04-29}} {{As of|2024}} the program is maintained on GitHub by a group of volunteers.{{cite web |title=PasswordSafe |url=https://github.com/pwsafe/pwsafe |accessdate=2021-03-31 |publisher=GitHub}}{{cite web |date= |title=Password Safe | Encryption Download |url=http://www.pcworld.com/downloads/file/fid,23779-order,4-c,encryption/description.html |url-status=dead |archive-url=https://web.archive.org/web/20101027160352/http://www.pcworld.com/downloads/file/fid,23779-order,4-c,encryption/description.html |archive-date=2010-10-27 |accessdate=2010-04-29 |publisher=PCWorld}}
Design
After filling in the master password the user has access to all account data entered and saved previously. The data can be organized by categories, searched, and sorted based on references which are easy for the user to remember.{{cite web|url=http://www.brighthub.com/computing/smb-security/reviews/54432.aspx |title=Password Safe Review: Make Password Retrieval Easier |publisher=Brighthub.com |date=2009-10-31 |accessdate=2010-04-29}}
There are various key combinations and mouse clicks to copy parts of the stored data (password, email, username etc.), or use the autofill feature (for filling forms).
The program can be set to minimize automatically after a period of idle time and clear the clipboard.
It is possible to compare and synchronize (merge) two different password databases. The program can be set up to generate automatic backups.
Password Safe does not support database sharing, but the single-file database can be shared by any external sharing method (for example Syncthing, Dropbox etc.). The password database is not stored online.
Features
:Note: All uncited information in this section is sourced from the official Help file included with the application
=Password management=
Stored passwords can be sectioned into groups and subgroups in a tree structure.
Changes to entries can be tracked, including a history of previous passwords, the creation time, modification time, last access time, and expiration time of each password stored. Text notes can be entered with the password details.
=Import and export=
The password list can be exported to various file formats including TXT, XML and previous versions of Password Safe. Password Safe also supports importing these files.
Password Safe supports importing TXT and CSV files which were exported from KeePass version 1.x (V1). KeePass version 2.x (V2) allows databases to be exported as a KeePass V1 database, which in turn can be imported to Password Safe.{{Update inline|date=September 2017}}
Password Safe cannot directly import an XML file exported by KeePass V1 or V2, as the fields are too different. However, the Help file provides instructions for processing an exported XML file with one of multiple XSLT files (included with Password Safe) which will produce a Password Safe compatible XML file that can then be imported.{{Update inline|date=September 2017}}
=File encryption=
Password Safe can encrypt any file using a key derived from a passphrase provided by the user through the command-line interface.
=Password generator=
The software features a built-in password generator that generates random passwords. The user may also designate parameters for password generation (length, character set, etc.), creating a "Named Password Policy" by which different passwords can be created.
Cryptography
The original Password Safe was built on Bruce Schneier's Blowfish encryption algorithm. Rony Shapiro implemented Twofish encryption along with other improvements to the 3.xx series of Password Safe.{{cite web|url=http://appdb.winehq.org/appview.php?iAppId=4017 |title=WineHQ – Password Safe |publisher=WineHQ.org |date= |accessdate=2013-02-07}} The keys are derived using an equivalent of PBKDF2 with SHA-256 and a configurable number of iterations, currently set at 2048.{{cite web
| author = Shapiro, Rony | date = 2013-02-05 | title = Master Key Generation from Master Password | url = http://sourceforge.net/p/passwordsafe/discussion/134800/thread/671fd0d4/#2a53 | accessdate = November 29, 2014}}{{cite web | first = Rony | last = Shapiro | title = PasswordSafe database format description version 3.29 | url = https://sourceforge.net/p/passwordsafe/bugs/1097/attachment/formatV3.txt | date = 2013-01-08}}
In a 2012 paper analysing various database formats of password storage programs for security vulnerabilities the researchers found that the format used by Password Safe (version 3 format) was the most resistant to various cryptographic attacks.{{
Cite book | first1=Paolo | last1=Gasti | first2=Kasper B. | last2=Rasmussen | title=Computer Security – ESORICS 2012 | chapter=On the Security of Password Manager Database Formats | year=2012 | chapter-url=https://www.cs.ox.ac.uk/files/6487/pwvault.pdf | doi=10.1007/978-3-642-33167-1_44 | series=Lecture Notes in Computer Science | volume=7459 | pages=770–787 | isbn=978-3-642-33166-4 | citeseerx=10.1.1.933.5924 }}
Reception
Reviewers have highlighted the program's simplicity as its best feature.{{cite web|url=http://software-today.com/password-safe-review|archive-url=https://web.archive.org/web/20110716102357/http://software-today.com/password-safe-review|url-status=usurped|archive-date=2011-07-16|title=Password Safe review |publisher=Software-Today.com |date= |accessdate=2011-08-01}}
See also
{{Portal|Free and open-source software}}
References
{{Reflist}}
External links
- {{Official website}}
- [https://filehare.com/password-safe-download/ Password Safe] at FileHare.com
- [https://www.schneier.com/passsafe.html Password Safe] at Schneier.com
- [https://pwsafe.info/ pwSafe] Password Safe clone for OS X and iOS
- [https://softonline.net/password-safe-windows/ Password Safe] at Softonline.net
- {{Google Play|com.jefftharris.passwdsafe|PasswdSafe}}
{{Password managers}}
Category:Cryptographic software
Category:Personal information manager software for Windows
Category:Java platform software
Category:Free password managers
Category:Software that uses wxWidgets