Permanent Encryption
Some software products in the PIM category may allow encrypting the database at the end of the day when exiting the program. This requires opening the database before accessing it and leaving it open and vulnerable as long as it is used.
In AbsolutePrivacy, all information is permanently stored in encrypted form on the hard disk. There is no need to decrypt a complete database file before opening it.
By decrypting only one record at a time in volatile memory before displaying it on the screen (see below: Single Record Encryption), fool-proof data security is provided because encryption is executed continuously and reliably in the background, without the user ever having to care about it or having to remember to encrypt the file after closing it.
Single Record Encryption/Decryption
Every single piece of information (record) is encrypted with one out of tens of thousands of passwords (see next paragraph). When reading a specific record (e.g. an address), it is copied to the volatile memory (RAM), where it is decrypted before being displayed on the screen. On the hard disk it remains stored in encrypted form. The plain (decrypted) information is NEVER EVER stored on the hard disk or any other storage device, not even partially. If the record is modified, it passes the encryption filter before being written back to the hard disk. Nobody will ever be able to hack or to decipher any info by analyzing the hard disk, not even with the most sophisticated methods available.
Thousands of Encryption Keys (Passwords)
While the database is opened with one main passphrase (the Master Passphrase), internally, tens of thousands of encryption keys (composed of random characters) are created with a special algorithm and used to encrypt every piece of information individually. The likelihood of the same key being used more than once in 50000 records is almost nil. In other words, in an average-sized database, all records are encrypted with different, individual keys.
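
How per-record keys under one Master Passphrase can work, as an added example that is not AbsolutePrivacy's code: the page does not disclose the product's "special algorithm", so PBKDF2 for the master key, HMAC-SHA256 over a random per-record salt for the record keys, and all function names are assumptions. It also puts a number on "almost nil" for 50000 records using the birthday bound.

```python
import hashlib
import hmac
import os

def master_key(passphrase, db_salt, iterations=200_000):
    """Stretch the Master Passphrase into a 256-bit master key.
    PBKDF2-HMAC-SHA256 is an assumption; the page names no KDF."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               db_salt, iterations)

def record_key(master, record_salt):
    """Derive one record's 256-bit key. HMAC-SHA256 is used as a PRF keyed
    by the master key; the salt is stored next to the encrypted record."""
    return hmac.new(master, b"record-key|" + record_salt,
                    hashlib.sha256).digest()

def derive_all(passphrase, db_salt, record_salts):
    """Derive the key for every record from a single passphrase entry."""
    master = master_key(passphrase, db_salt)
    return [record_key(master, salt) for salt in record_salts]

def collision_probability(records, key_bits):
    """Birthday (union) bound on any two of `records` uniformly random
    keys of `key_bits` bits being identical."""
    pairs = records * (records - 1) // 2
    return pairs / 2 ** key_bits

if __name__ == "__main__":
    # Constructed sample data: one database salt, 50000 record salts.
    db_salt = os.urandom(16)
    salts = [os.urandom(16) for _ in range(50_000)]
    keys = derive_all("constructed example passphrase", db_salt, salts)
    print("distinct keys:", len(set(keys)), "of", len(keys))
    for bits in (128, 256):
        print(f"{bits}-bit keys, 50000 records: "
              f"p(collision) <= {collision_probability(50_000, bits):.3e}")
```

Every record key here is recomputable from the passphrase and the stored salts, so the secrecy of all records still rests on the strength of the Master Passphrase.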
Highly secure Encryption Algorithms
The 128- to 256-bit encryption algorithms are similar to those used by the military and are among the most secure. It has been calculated that the 128-bit encryption algorithms are so strong that it would take a network of supercomputers significantly longer than the age of the universe to crack the code (millions of years), not to speak of 192- and 256-bit encryption, which are used extensively in the program, too. Since every record is encrypted with an individual password, in the hypothetical event of someone succeeding in breaking the code, only the information contained in 1 single record would be uncovered.
Auto-Shutoff / Auto-Block Data Access
If you activate this function, the program will be closed automatically after a customizable period of 1-15 minutes of inactivity. This prevents you from inadvertently forgetting to close your database when leaving your workstation.
Alternatively, you can opt not to close the program, but only to hide the data you marked as private or to close the active section (e.g. the Calendar or the Diary) when the program has been idle for some time.
Hide Private Records
This function provides an additional level of security: records flagged as private can be hidden when someone else (e.g. your secretary) is allowed to use the application.
Time-Limited Clipboard Content
Many times, information retrieved in the organizer has to be copied to other applications with the copy-and-paste technique. There is a risk that sensitive data (e.g. passwords) inadvertently remains in the clipboard for a long time, even after closing the organizer. To avoid this security gap, content copied to the clipboard is kept there for only 30 seconds, which is normally sufficient for it to be used in other applications. AbsolutePrivacy also clears the clipboard memory when exiting the program.
Optional PIN (secondary passphrase) to access applications
When the program is used by more than one person, the administrator/owner of the database file can additionally protect single sections (like the budget or the diary section) by defining a PIN code or, conversely, give another person (e.g. the secretary) exclusive access to a specific section. In combination with the “Hide Private Records” function, the PIN enables, for instance, the secretary to use the budget and the address/contact section without being able to see the private records. No other person trying to gain information will manage to open any of the PIN-protected sections.
Passphrase Entry
Minimum passphrase length: 8 characters. The more characters, the lower the risk of cracking the passphrase (8 characters reflecting the available keys of the keyboard would theoretically require a mean of 92^92/2 attempts to open the database; therefore, it is important to use a relatively difficult-to-guess passphrase, the longer the better, preferably containing non-alphanumeric keys).
Forced delay between passphrase inputs: 2 seconds (this makes it virtually impossible for automated brute-force attacks to open the database).
Maximum number of retries: after 3 wrong passphrase inputs, the application is closed. Reopening the program takes some time, which is an additional protection against brute-force attacks.