We want you to know that Frontier Secure does not collect any of your personal data or information you enter into Secure PWD.
To protect your sensitive data, Secure PWD uses the Advanced Encryption Standard (AES) with a key size of 256 bits. This algorithm works in the CCM mode for encryption; CCM is an acronym for a longer abbreviation, namely CTR mode with CBC-MAC. CTR stands for CounTeR, CBC stands for Cipher Block Chaining, and MAC stands for Message Authentication Code. Nowadays, AES is the recommended standard for modern data encryption.
The master encryption key is derived from your master password using the Password-Based Key Derivation Function 2 (PBKDF2) algorithm specified in the Public-Key Cryptography Standards (PKCS) #5; in the PBKDF2 algorithm, we use the Hash-based Message Authentication Code (HMAC) SHA256, random salts and 20,000 of iterations. This makes it much more difficult to recover the keys through Brute-force or Dictionary attacks, even for weaker passwords.
The encryption key is reconstructed each time you enter your master password. Neither the encryption key nor your master password are ever stored anywhere. When you turn off Secure PWD, the encryption key is destroyed.
The data stored in Secure PWD is encrypted and decrypted only on your own device.
The connection between the app and the server always uses SSL, regardless of the device in use. Your information is encrypted at all times between the app and the server. We use TLS/SSL to protect your information during the entire data transfer process.
Because of its encryption mode, we have no way of decrypting any information that you have saved in Secure PWD. Anyone using Secure PWD is anonymous to Frontier Secure, so we have no way of identifying an individual user's data. We never see any of your information at any stage, and therefore we can't decrypt it or hand it over to a third party.
Both the choice of encryption and anonymity of users were conscious decisions made to improve the security of the product and protect the privacy of our customers.
|Your device||Make Secure PWD autofill your credentials|
When you install Secure PWD, the app introduces its own virtual keyboard on your device.
To use the virtual keyboard, first activate the keyboard in your Android settings as follows:
You only need to do this setup once. Once you've set up your Secure PWD board, you can use this whenever you want to enter logins and passwords in a text input field.
Here's how you can use the Secure PWD board to fill in your username and password:
Note: The method of switching the keyboard can differ depending on which Android version you have on your device. Check your device manual for further details.
To remove Secure PWD from your computer completely, you must remove both the Secure PWD application and the local storage (containing logs and passwords). Before you start removing the product, make sure that it is no longer running.
|Your device||Uninstall Secure PWD|