Comments

jammit October 21, 2005 12:32 PM

Yay! I’m number one! In the Washington Post article, it states a “military encryption”. You mean unauthorized access will cause a self destruct? I feel this was put in by the reporter to liven it up. I use bugmenot. Pretty sweet. At the present time I still memorize my passwords.

Bryan October 21, 2005 1:05 PM

BugMeNot is great for “logging in” to sites that require registration for no real reason.

However, if you have a site that requires registration for a real reason (e.g., paid content, confidential info, etc.), then BugMeNot is obviously not appropriate.

Milan Ilnyckyj October 21, 2005 1:09 PM

A Mac version of Password Safe would be nice. Operating as a Mac user in a PC-centric world (as you recommend in your “Safe Computing Tips”) makes balancing security and accessibility more difficult.

Mike Olson October 21, 2005 1:19 PM

Bruce, since you’re accepting suggestions for platform ports (I’m also a Mac fan!), here’s another request.

I use a tool called Web Confidential on my Mac, since PWSafe doesn’t run there. Web Confidential will synchronize with my Palm Zire, so that I have all my passwords in my pocket, encrypted in the same way as on the desktop.

I know, I know, it’s open source. Realistically, though, I’ll never get to a project of writing a sync conduit, so I’m posting the idea and hoping someone else will.

AndrewS October 21, 2005 1:28 PM

Mac OS X has a tool built in called Keychain Access. It can store (encrypted) all of your passwords, and they will be used automatically, if the software is written correctly. Including web passwords (at least if you use Safari).

As far as I can tell it does exactly what Password Safe does, although I’m not sure what algorithm it uses to encrypt everything.

Or is the issue that Keychain Access is not open source?

Grant Gould October 21, 2005 1:39 PM

I switched a while ago to using a USB drive to carry all of my digital authentication tokens. But I have had a terrible time trying to use PasswordSafe moving between Windows and Linux — something to do with the database formats, I gather, causes trouble.

In an ideal world, I’d love to see some combination of PasswordSafe, ssh-agent/Pageant, a browser plugin, and clever automount logic so that I could move my USB drive around and have machines prompt me for the passphrase when I attached the drive and forget it when I removed it. Of the tools I use, PasswordSafe for Windows is the one that gets the most of these elements right.

Davi Ottenheimer October 21, 2005 1:46 PM

Excellent. I recommend Password Safe wherever I go.

Password Safe is brilliant as a quick and simple solution to help Windows users with personal password management. My only feature request would be role-based access control.

I’ve found Password Gorilla by Frank Pilhofer to be a pretty good port to use on *nix systems (including Macintosh). The interface is not as clean (make sure you save before you quit), but it’s close enough:
http://www.fpx.de/fp/Software/Gorilla/

Oooh, Palm version.

Chris October 21, 2005 1:48 PM

I’m having difficulties with the lack of segregation in the testing process mentioned on the Password Safe page.
Password Safe…designed by Bruce
uses an encryption algorithm created by Bruce
…thoroughly verified … under the supervision of Bruce (by a company founded by Bruce)

ARL October 21, 2005 1:49 PM

Password safe lives on my USB drive and is often one of the first things that gets installed on a new computer. It may not be perfect but it is one of the best things out there.

Of course I thought we were to watch out for products that used snake-oil terms like “military-level” 🙂

A Palm version would be nice. Maybe a Java version to bridge the different systems?

Bruce Schneier October 21, 2005 1:52 PM

“I’m having difficulties with the lack of segregation in the testing process mentioned on the Password Safe page.”

Oh, I agree. That’s one of the reasons I made it open source.

I had nothing to do with the coding of the latest versions. Rory Shapiro oversaw the entire thing.

Eric K. October 21, 2005 1:52 PM

Hm. A java version would be excellent. It could live on either my computer, Windows Mobile PocketPC, or my Motorola Razr cellphone, all of which are capable of running java applications…

Richard October 21, 2005 1:54 PM

Actually, Keychain Access works also with Camino!

Therefore, there must be an API somewhere to use it!

Milan Ilnyckyj October 21, 2005 2:10 PM

@AndrewS

The problem isn’t that there aren’t pieces of Mac software that can do the job well, but that I need to use both kinds of system. For instance, as a social scientist at Oxford, it is essential to be able to access certain terminal servers at the department. The software they run, such as statistical packages, is simply too expensive for any graduate student to go out and buy. Likewise, virtually all college and library computers are running Windows XP.

Graham October 21, 2005 3:08 PM

Your description page is a little out of date. PasswordSafe is actually up to version 2.13 as of September 5, 2005. I contributed a (very little) bit to the coding and design (primarily the password generation rules) and am proud to have helped improve such a useful product. Everyone in my family is required to use PasswordSafe. Thanks for opening it up for Open Source improvement. And note that a Mac/Linux Java-based version of PasswordSafe is in the works. Check out http://passwordsafe.sourceforge.net/#Latest

Davi Ottenheimer October 21, 2005 3:09 PM

@ Guillaume

Thanks for the link, but I was unable to import/access my dat files with the SWT version 0.3. I can pass them seamlessly between Password Safe and Gorilla, though, so I suspect there might be a compatibility issue in SWT.

Daniel A. Nagy October 23, 2005 3:25 AM

Doing this kind of thing in Java is very difficult, because you have very little control over when and how objects are destroyed. It’s embarrassingly easy to end up with sensitive information being swapped out of RAM to the hard drive and staying there for a long time.

Zed October 24, 2005 9:50 AM

RE: Java. Not only does it potentially leave sensitive information sitting around, it is also VERY easy to hack the java runtime to do evil things… like log every string created, etc.

JohnJ October 24, 2005 10:54 AM

I’ve been using SplashID ( http://www.splashdata.com/splashid/ ). It has Windows, Mac, Palm, Symbian, etc. support. Not freeware, but it works well and can track other things beyond passwords. Right now I use the Windows & Palm versions & sync the database between the two.

Sundar S October 25, 2005 12:51 AM

Password Safe is excellent software for password stashing. The article forgot to mention that Password Safe also gives the option to generate random passwords. It is also unbreakable, unless you give a very poor key for Blowfish encryption.
I recommend it to my friends with one piece of advice. It is that by default on double-clicking the entry the password stored goes to the clipboard. Once it is pasted in the appropriate text box, make sure you clear the clipboard. There are some vulnerable javascripts that read your clipboard data and post it back to the server.

radiantmatrix October 25, 2005 10:04 AM

RE: Mac version and storing passwords on Palm.

As a recent Mac convert, I had to give up PWSafe, so I’m working on a Perl/Tk port that should work under any reasonably modern OS. This might take a while, though…

As for the palm, http://gnukeyring.sf.net is a great PWSafe-alike for the Palm — it’s open-source and uses the GnuPG system for encryption.

I’ve found that I prefer keeping everything on the Palm and nothing on my local machine. Though I would like a sync option that does more than just back up the database, in case I ever lose my Palm.

Ibea Person October 26, 2005 3:12 PM

What about using something like PasswordMaker located at:

http://www.passwordmaker.org/

Sorry Bruce, but I had to look around for alternatives when I decided to not use Windows.

I like the idea of not having to carry the password program around, yet still having it wherever I need it via their online version.

And if you have to carry it around, you can download the web based version and just open it up from your pendrive from any browser.

I also like the idea that there isn’t a file stored, to worry about if lost or stolen.

But please, if there are problems with this approach, then I’d appreciate hearing about them.

Davi Ottenheimer November 16, 2005 3:10 PM

More news:

http://www.securityfocus.com/archive/1/416873

“As noted in ‘Password Safe FAQ’, ‘there is no back door in PasswordSafe to recover your Safe Combination, but there is a password-guessing program that some people have used successfully. The program works by going through a list of possible passwords and checking each one’.

However, there is a design flaw in PasswordSafe that allows Safe Combination validation to be performed several times faster than the author conceived, which makes brute-force and dictionary attacks much more effective.”
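The advisory Davi quotes turns on how fast a Safe Combination can be validated. The following is an added Python illustration, not Password Safe’s own code or file format: a salted, iterated verifier whose iteration count sets the cost of every check, so the same guessing program gets proportionally fewer guesses per second (function names are hypothetical).

```python
import hashlib
import hmac
import os
import time

# Added illustration, not Password Safe's actual file format. The safe stores a
# random salt plus a verifier derived from the master passphrase; the iteration
# count decides how much work each combination check costs, and therefore how
# many guesses per second a password-guessing program can make.

def derive_verifier(passphrase: str, salt: bytes, iterations: int) -> bytes:
    """Hash salt||passphrase, then re-hash the digest `iterations` times."""
    digest = hashlib.sha256(salt + passphrase.encode("utf-8")).digest()
    for _ in range(iterations):
        digest = hashlib.sha256(digest).digest()
    return digest

def make_header(passphrase: str, iterations: int) -> dict:
    """Values the safe would write to its header so the passphrase can be checked."""
    salt = os.urandom(16)  # fresh per safe: equal passphrases get different verifiers
    return {"salt": salt, "iterations": iterations,
            "verifier": derive_verifier(passphrase, salt, iterations)}

def check_combination(passphrase: str, header: dict) -> bool:
    """Validate a candidate passphrase against the stored verifier."""
    candidate = derive_verifier(passphrase, header["salt"], header["iterations"])
    return hmac.compare_digest(candidate, header["verifier"])  # constant-time compare

def seconds_per_check(iterations: int, samples: int = 3) -> float:
    """Median wall-clock cost of one validation at the given iteration count."""
    header = make_header("correct horse", iterations)
    times = []
    for _ in range(samples):
        start = time.perf_counter()
        check_combination("wrong guess", header)
        times.append(time.perf_counter() - start)
    return sorted(times)[samples // 2]

if __name__ == "__main__":
    header = make_header("correct horse", 20000)
    print(check_combination("correct horse", header))    # True
    print(check_combination("incorrect horse", header))  # False
    for n in (1, 2000, 20000):
        print(f"{n:>6} iterations: {seconds_per_check(n) * 1e3:.3f} ms per check")
```

Any shortcut that lets a verifier be checked without paying the full iteration cost is exactly the kind of flaw the advisory describes, because the work factor is the only thing standing between a guessing program and a weak combination.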

Harold L July 25, 2006 12:18 PM

I use pwsafe on my Mac via fink. I synchronize my database with Windows and Linux systems. For UI, I like the Emacs mode pwsafe.el. It would be nice to have some code to synchronize the PasswordSafe database with Keychain (even if it were only uni-directional) – that way we Mac users could use PasswordSafe as our primary repository but get the benefits of having OS X fill in password forms for us.

Is it a security issue to add the password database to a version control repository? i.e. if someone got hold of many versions of the database that each only differ in the password of one of the accounts, would that be exploitable? My gut feel is no, because each version would look as much like garbage as the next in a hex editor, but maybe there’s an attack?
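Harold’s question about version control comes down to what two saved versions reveal when compared. The following is an added Python illustration, not Password Safe’s own format or cipher: a toy SHA-256 counter-mode keystream encrypts two versions of a constructed two-entry database that differ in one password, and `changed_positions` shows what someone holding both files can tell, with and without a fresh nonce per save (all names and sample data are constructed).

```python
import hashlib
import os

# Added illustration, not Password Safe's real format or cipher. A toy stream
# cipher (SHA-256 keystream in counter mode) encrypts two successive versions of
# a small password database whose only difference is one entry's password.

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Deterministic keystream from key, nonce and a block counter."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))

def changed_positions(ct_a: bytes, ct_b: bytes) -> list:
    """Byte offsets where two ciphertexts differ: what a diff of two versions shows."""
    return [i for i, (a, b) in enumerate(zip(ct_a, ct_b)) if a != b]

def serialize(entries: dict) -> bytes:
    return "\n".join(f"{name}:{pw}" for name, pw in sorted(entries.items())).encode()

def versions(key: bytes, fresh_nonce: bool) -> tuple:
    """Two saves of a constructed database; only the 'mail' password changes."""
    v1 = {"bank": "hunter2xyz", "mail": "s3cretmail"}
    v2 = dict(v1, mail="n3wmailpw1")
    n1 = os.urandom(16)
    n2 = os.urandom(16) if fresh_nonce else n1  # nonce reuse is the failure mode
    return encrypt(key, n1, serialize(v1)), encrypt(key, n2, serialize(v2))

if __name__ == "__main__":
    key = os.urandom(32)
    for fresh in (False, True):
        pos = changed_positions(*versions(key, fresh))
        label = "fresh nonce" if fresh else "reused nonce"
        print(f"{label}: {len(pos)} of 31 bytes differ at offsets {pos}")
```

With the nonce reused, the diff pinpoints which entry changed and even which characters of the new password differ from the old one; with a fresh nonce per save, every version looks like unrelated garbage, which is the property the commenter’s gut feeling assumes.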

Russell Fulton January 14, 2007 10:30 PM

A colleague just pointed me to http://mac.softpedia.com/get/Security/Password-Safe-SWT.shtml which appears to be a version of the open source password safe for Mac OS by the same author as the Windows version. Help menu takes you to the SourceForge password safe web page.

It’s clearly still under construction with some menu entries and options greyed out but the basic functionality is there and appears to work fine. I’m wrapped!

andrej February 11, 2007 2:44 PM

In regards to Zed’s and Bruce’s comments regarding the problems of writing secure Java apps… can it be done, though? And have things changed since Oct 05?

The reason that I’m asking is that we have a bit of an odd set-up at my workplace where we use a shared password safe type of application; this has (the obvious security risks apart) a few drawbacks.
Firstly the safe is locked for others (with an option to FORCE it open) which makes for the risk of losing changes. Secondly the thing we’re using doesn’t allow for a paste of the password to the OS’s clipboard, one has to SEE the password in clear text (very bad indeed). My idea was to do something similar to Bruce’s password-safe but instead of storing the passwords in a flatfile store the hashes in a database (which would allow for record-locking), and since we’re using a mixed environment (equal numbers of Linux and Windows machines) something highly portable would be very desirable.

Cheers,
Andrej

Loc June 1, 2010 12:19 AM

I’ve been using password safe for a while but stopped for a period of time because my life got a little hectic due to personal reasons.

I don’t remember my password for the “Password Safe” program. Is there a way I can retrieve my password?

Thank you.
