The Concept of PassKeeping

If you use any anti-keylogging software, there is always a chance that your typing will be recorded, either by a hardware keylogger or a more sophisticated software. It is a never-ending war. The solution is pretty simple: never enter your password in a compromised computer (or any computer that is not yours: the library, internet cafe, etc.).

PassKeeping offers a convenient solution to enter your password without typing it directly.

The concept of PassKeeping
A. Preparing the password on your home computer:
  1. You tell us which website you want to login to
  2. You identify the login form on that website
  3. You enter your account password; this password is then encrypted using your encryption password
  4. You also enter an access code and access password to access the encrypted password later
  5. Your access code, access password, and the encrypted password is stored on our server for later retrieval
B. When you want to login through a compromised computer:
  1. You open the PassKeeping website
  2. You enter your access code and access password
  3. Your encrypted password will be downloaded from the server through SSL
  4. You enter your encryption password to decrypt that password
  5. Your login form will be displayed with the password field already filled with your account password
As you can see, this approach is very secure because your password is never entered anywhere except on your home computer (which should be free from keyloggers). Additional notes:
A.3. The encryption is done on client-side with JavaScript using a Block TEA implementation by Chris Veness.
A.5. The data is sent to our server through a secure connection (128-bit SSL).
B.2. Once you enter the correct combination, it will be deleted from PassKeeping, thus creating a one-time password.
B.3. We utilize AJAX to fetch your data, so there is no web browser cache of your password.
B.5. The POSTDATA will go directly to the website entered in A.1.





About    Contact    FAQs    Terms of Service    Privacy Policy
Copyright © 2007 Yohanes Aristianto