Main Pages
 




 
 
 

The Acerose Password Vault provides you with an easy way to organize and keep all your passwords both safe and secure. In this technological age, passwords are the means of keeping all your on-line assets safe from attack, be they e-mail, retirement accounts, on-line banking, web site control, or tax filings. The problem is that most people use a few easy to remember passwords and then reuse them over and over. With Acerose Password Vault you only need to remember one strong password or passphrase to open the vault file. This frees you to use strong automatically generated passwords for all your other needs.

Some may ask, why develop another password manager program when there are so many free programs of this type already available? The answer becomes obvious when you consider that such programs need to keep your password information both safe and secure. In reviewing password manager programs already on the market we discovered the vast majority emphasize the secure part, but neglect the safe part. What good is a password manager program that loses or corrupts your password information? The Acerose Password Vault is designed to be both safe and secure. In addition, many password manager programs include their own handy, but flawed password generator. Acerose Password Vault includes a built-in cryptographic quality password generator, so you can have confidence your passwords are truly strong.

See FAQs and more information on our support page.

Features:

  • Many features to maximize the safe storage of passwords.

  • Secure storage of passwords: At the heart of the Acerose Password Vault is a streaming cipher built upon the SHA-1 (Secure Hash Algorithm 1). The SHA-1 is the basis for all federally approved digital signature algorithms.

  • Create strong passwords easily with a cryptographic quality password generator. The password generator is highly configurable and graphically displays the approximate strength of the setting you choose.

  • The auto manager feature allows many users to run the Acerose Password Vault program from a single network location. The advantage of using a network location is that you have access to your passwords from any PC on the network. Hundreds of users can create and access their passwords without needing to know of or coordinate with other users. Of course, you can run it on a single PC if that's what you want.

  • The multiple action launch lets you launch (open) a web page and copy the corresponding password to the clipboard with a single click. This feature is highly configurable and includes the ability to use scripts as part of the URL, as well as clear the clipboard after a selectable delay.

  • You can also chain one vault file to another, which lets you separate passwords of one purpose from others using a master vault to open other vaults.

  • You can sort all the passwords by any of the six columns just by clicking on the column's heading. You can select just what columns you want to view as well as their order and width.

  • Selectable Tray options lets you use the Acerose Password Vault program as a tray application. You can choose to close and/or minimize to the tray, or neither. You can also choose to require a password to view the program's contents when it's restored from the tray.

  • You can import and export tab or comma delimited files. If you're already using some means of storing passwords electronically, you may be able to export them from that software into a tab or comma delimited file and then import them into the Acerose Password Vault program.

  • Works with Windows® 95/98/ME/NT/2000/XP. Note that Windows® Vista and Windows® 7 are not supported.

  • Price: FREE

Download Acerose Password Vault


Enter or edit data dialog



Cryptographic quality password generator



Select just the columns you want to view as well as reorder and resize them anyway you like.




Sort by any column just by clicking on heading. Open web pages just by selecting the item and clicking Launch; the password can automatically be copied to the clipboard.

Download Acerose Password Vault


What makes Acerose Password Vault
safer than similar programs?

Sometimes simpler is also better. The vast majority of password manager programs use some sort of database to hold password information. The problem with databases is that, because of their complexity, they are subject to corruption. If you doubt this, just type "database repair" into any of the top Internet search engines and you'll discover dozens of business that specialize in database repair and recovery. If the database repair utilities provided by the makers of database engines worked well, then there would be no need for such businesses. Do you really want to trust your password information to a data format that's known to be susceptible to corruption?

Acerose Password Vault uses what's known as a flat file. Flat files are not glamorous, but because there are no index files or internal pointers to corrupt, flat files are reliable.

To make the Acerose Password Vault file even safer, we use a streaming cipher to encrypt your password data rather than the usual block cipher. With a block cipher, the change of a single bit in the encrypted data renders the whole record unrecoverable. With a streaming cipher, however, the change of a single bit in the encrypted data renders just one character unrecoverable.

To make the Acerose Password Vault file even safer, we incorporate redundant fields for the critical user name and password information, along with automatic error detection and correction. Even if there's an unexpected change of a bit in a password or user name field, that change will be detected and automatically corrected.

To make the Acerose Password Vault file even safer, we include an automatic backup feature that can keep up to ten versions of your password vault file on a different drive or even on a network. We've also included a records recovery dialog to help you restore records you may have inadvertently deleted.

Back to features


What makes a password generator "Cryptographic Quality"?

Without a cryptographic quality password generator, the passwords you generate may look strong, but are actually very weak. It's a trap many folks have fallen into simply because many shareware authors have little knowledge of cryptography.

Modern programming languages include random number generators, that given an initial number (seed), will generate a sequence of pseudo-random numbers. There are several problems with using these built-in random number generators for cryptographic purposes, but that's what many shareware authors use without understanding the risks.

First, the sequence of numbers produced by commonly used random number generators may not be as random as they appear and may contain predictable patterns. In fact, documentation provided with software compilers often states that the built-in random functions should not be used for cryptographic purposes.

Second, the seed value which initializes the pseudo-random generator is most often a 32-bit integer, and thus, the generator is limited to that number of sequences. Every sequence the generator can produce can be duplicated by using the same initial seed. The maximum security of passwords produced by such generators is thus limited by the 32-bit seed, regardless of the length of the passwords generated.

Third, most of the popular password generators on the market don't require you to enter a seed value, but rather use the PC's millisecond clock to select the seed value when you start the program, or click on something. Theoretically this scheme randomly selects a seed number between 0 and 4,294,967,296. However, because most users reboot their computers in the morning, the actual range is just 1 percent of that. This is because the PC's millisecond clock resets its tick count to zero every time the computer is rebooted. An attacker only needs to try a small range of the possible seed values to reproduce the same sequence of pseudo-random numbers and then manipulate the various settings that select the set of allowed characters to recreate your passwords. Because the attacker is testing entire sequences, the length of your password loses it's power to protect your assets. It's even worse if an attacker discovers the password generator settings you use.

--- Here's the correct way ---

The password generator built into Acerose Password Vault uses the SHA-1 (Secure Hash Algorithm 1) as it's pseudo-random number generator. SHA-1 was designed by the government for use in cryptography and it has been well researched and tested. Rather than using a 32-bit integer as it's seed, SHA-1 uses text as its seed. This allows Acerose's password generator to use your vault password as part of its seed. Without knowing your vault password, an attacker can't reproduce the sequence of pseudo-random numbers used to generate your passwords. And the technique of trying common words and word combinations won't find your strong random passwords.

Back to features

Ballistic Explorer is a trademark of Dexadine, Inc.   All other products mentioned are registered trademarks or trademarks of their respective companies.
Last updated: 2010
Copyright 2010 by Dexadine, Inc.