PassLocker Features




PassLocker uses a strong encryption algorithm: this algorithm is an evolution of TripleDES  that is documented here. The implementation of this algorithm is named DES-EDE2 and HMAC/SHA-1 and it encrypts files using your passphrase in input. The passphrase is previously passed to a hash function that is a cryptographic algorithm that accepts input, arbitrary in length
and renders a fixed-length output: PassLocker Free Edition repositories (PassLocker Repository Files, prf) are locked with TripleDES 128 bit keys. Someone that doesn't know your passphrase cannot access to your password repository and he cannot in any manner read your repository file. Triple DES is extensively used within the electronic payments industry, which still continues to develop and promulgate standards based upon it (e.g. chip cards for authenticating credit and debit card payments upon EMV standard).


PassLocker provide a very simple user interface: the main window displays always the current application selected in the repository, a menu and some main action buttons that permit to you to copy usernames and passwords to Windows clipboard, to save repository changes, to open browser links,  to open repository editor and to calculate passwords strength. In the repository editor you can at any moment organize the entire repository and your favourite list selection.


You can save your applications data (usernames, passwords, web-urls, notes etc.) in a hierarchical tree repository organized in groups of applications. You can decide to group and organize your applications by functions or types (e.g. mails, home banking, instant messengers, web-sites etc.). You can also associate an icon image to groups or applications.


PassLocker can avoid that some keylogger malicious programs can steal your passwords simply catching keyboard events. PassLocker has a "software keyboard" that permits you to digit your passwords/passphrase only clicking with your mouse (this system can avoid also those keyloggers that can capture screenshots at some time intervals).


Many Password Manager programs have a complex interface and you can find an application only after a "search" operation, however, many times, you want to select a password very quickly (think to your usual web-mail login). With PassLocker you can select quickly your favorite applications and organize them in a favorite applications list.


You can ever iconize your PassLocker application in your Windows task bar. When PassLocker is iconized it can be locked for safety (a pop-up balloon alerts you about PassLocker status "locked"/"unlocked"): in this way you can safely leave your desktop pc leaving PassLocker iconized and locked, because if someone else tries to reopen PassLocker from traybar, it request again the access passphrase.  Lock function can be also automatized locking repository after a period of user inactivity or after a fixed time interval.


PassLocker can avoid that some malicious programs called "Clipboard Monitors" can steal your passwords simply "listening" Windows clipboard events: without this system, when your username/password is copied into clipboard this programs can take the clipboard contents and record them. PassLocker protect you against these threats because other applications won't get notifications that the clipboard content has been changed and it allows only once paste operation after which the clipboard will be cleared.


At any time you can do backups of your password repository: PassLocker can do an hard-copy of your encrypted database. Furthermore, PassLocker can do automatic backups of your repository whenever you save any changes.


You can generate safe random passwords by the PassLocker password generator: You can generate case sensitive passwords or keywords that contains special characters. Another interesting functionality of this tool is the possibility to create mnemonic passwords, easy to remember but hardly to force. PassLocker actually supports these password dictionaries: English, Italian, Spanish and well known passwords.


PassLocker generates an encrypted file log where you can see all operations occurred to your password repository file like unauthorized access attempts and modifications occurred to the prf.


PassLocker has an advanced system that calculate password's vulnerability. It first analyze your password statically implementing common rules that should be applied (brute force check), after it tries to crack your password through several dictionaries (dictionary method check). You can also analyze a password strenght viewing its details checking length, brute force and dictionaries vulnerability.


You can associate a web address (url) to your web-applications and PassLocker can open automatically this addresses with your preferred browser, so the unique operation that you have to do is to copy and paste your usernames and passwords in the right place.


PassLocker can generate encrypted files that permits you to access to the database like a key. You can decide to access to your repository either with only a PassKey file or a PassKey file togheter with the passphrase. PassKeys can be associated to the hardware where it was generated so you can carry with you your PassKey with an USB device or a removable disk. Note that if the PassKey has been copied to an other drive/device it loses its validity. This can make the access to your PassLocker repository file (prf) very secure because it can be accessed only if someone enter the right passhprase and, at the same time, hold the hardware-PassKey file. You can at any moment invalidate old generated PassKey files and generate new ones.


You can ever import or export entire repositories from/to intelligible files in several formats: plain text files (txt), comma separated values files (csv) or eXtensible Markup Language (xml). So you can ever create/edit your repository by a text editor before importing it.


For any application you can save the expiration date and time, so at any moment, you can display what are those passwords that are expired or that will expire soon changing them.


You can find an application in the repository by the "Repository Finder" dialog. In this dialog you can enter a text string, PassLocker will search this string into repository and displays the results in a report list. Clicking in the application name the Finder will select the desired application in the Main Application Window.


Many online banking accounts request Two-Step Authentication Method for increase safeness so they can provide a username, a PIN and a password: PassLocker has an extra password field where you can enter the real remote banking password or other sensitive data.


PassLocker has a complete manual, free web and email support.



PassLocker Plus Edition includes all Free features plus some significant extra qualities:



PassLocker Plus helps you when you want to login in your email accounts or other web sites where there is a login form, filling automatically your usernames and passwords fields. A IE addin is added to your browser that can safely communicate with PassLocker program: addin can catch automatically login pages capturing your login data adding they to your repository: hereafter to access to your web login forms, you don't need neither to copy and paste usernames and passwords! Due to its nature, the Form Filler is also an excellent tool anti phishing.


You can install PassLocker Plus on a USB memory or removable device: in this way you can carry with you your personal repository with the program together. PassLocker Plus runs directly from USB flash drive, no need to install on client computer so you can use it in any public terminal, without leaving traces on the host machine.


With PassLocker Plus you can ever choose if you want encrypt your data with TripleDES algorithm that uses a 128-bit access key  or AES (Advanced Encryption Standard) that uses a 256-bit key. AES is one of the most secure encryption alghoritms and it is adopted as the new encryption standard in the United States of America.