The Vault - Security Made Easy
... have trouble remembering tens or hundreds of online passwords?
... write passwords down somewhere, even though you know this is not the safest thing to do?
... use the same ("cleverly" modified) password in multiple places, instead of using properly randomized passwords that offer the best security?
... sometimes wish you had a photo of a creditcard, passport or other document handy?
... want to securely store lots of other confidential information, photos, animated GIFs, office documents, you name it?
... want all this to be secure, but still very simple to use?
Then ◆The Vault◆ is for you!
The Vault provides straightforward, easy to use, secure storage for all your documents and other data, such as passwords, login credentials and any other confidential information. It can securely store any number of documents, images, screenshots or photos along with your confidential information.
* 256-bit AES encryption *
While storage and access is simple, The Vault uses rock-solid, industry standard encryption.
[technical details below]
◆ ◆ ◆ WHY IS IT BETTER ? ◆ ◆ ◆
▸ See all features: bit.ly/TheVault-Features
▸ The Vault is very simple to use, yet it employs industry-standard encryption to keep your data safe.
(Some other - payed - apps do too, but some apps advertised as "secure" really do not, and for example save your data using a simple base-64 encoding: your information looks scrambled, but is as readable as plain text when you know how).
▸ The Vault will - never - show ad banners! We hate them too.
▸ The Vault stores information on * your * device. Not on some server somewhere on the net.
▸ Securely storing information is as simple as entering free text!
▸ The Vault can securely store photos and pictures from your camera or photo library; for example a copy of your passport, credit card, or just the serial numbers of some equipment you own. Anything.
▸ The Vault can securely store - and play - animated GIFs.
▸ The Vault can securely store *any* office or other document.
▸ Many secured documents can be viewed directly from The Vault, including PDFs, Keynote, Numbers, Pages, Powerpoint, Excel and Word files.
▸ You can optionally import data exported from your previous password app (or any other source that can provide the data).
▸ Automatically and securely backups your data!
◆ ◆ ◆ TECHNICAL DETAILS ◆ ◆ ◆
This is the part that matters.
This is the part that is hard to get right.
This is the part that makes the difference between actual security and insecurity.
Claiming “military-grade” (or “industry standard” ;-) encryption is meaningless.
Even claiming “256-bit AES encryption”, in itself is not very meaningful.
Claiming “military-grade” encryption and subsequently simply hashing a master passcode - e.g. using SHA, MD5, or, god forbid, nothing at all (!) - is NOT good.
What ís good is to use a proper key derivation algorithm such as PBKDF2, scrypt or bcrypt.
AES is better than ancient algorithms such as Blowfish, Twofish or 3DES.
But even for AES: an app that does not combine encryption with authentication... is doing it wrong. Currently there is some consensus that the best construct is to first encrypt a message and then calculate a message-authentication code, instead of the other way around.
These things matter.
◆ ◆ ◆
The Vault uses PBKDF2 key derivation with an HMAC-SHA512 PRF, and HMAC-SHA256 Encrypt-then-MAC authenticated 256-bit AES encryption, using CommonCrypto functionality only. All cipher and MAC worker keys, as well as all salts and IVs, are purely random data. Keys and IVs are never reused. Each singular piece of data is encrypted with a unique random encryption key, and authenticated with a unique random HMAC key.
Your Master Passcode is never stored; and neither are the derived cipher keys.
◆ ◆ ◆
THE ONLY THING ●YOU● HAVE TO DO?
Choose a long master passcode. Make it long, and make it random!
Read more about why and how inside the app....