Master Key Help
Introduction
Master Key is an application that has been designed to keep track of the myriad of passwords that plague our day to day activities when we visit web sites, bank accounts, cash machines or try to use resources at work.
While it would be great to have just a single secure password that we could use anywhere there are many systems where the password is either provided to us or has to be changed on a regular basis or is in a specific format. Other systems prevent passwords from being re-used when they expire or are replaced and so over time we end up having to remember multiple keys.
There is also a wider issue of trust in that we provide our personal information and passwords to third parties who we have to trust will keep the information secure. However even the largest companies have security breaches that result in widespread loss of our personal information and it becomes our problem to re-secure. One way to minimise the problem is to ensure that as far as possible different passwords should be used for different online systems.
In order to work Master Key has to have a password that will enable you to unlock your vault and gain access to your stored passwords; choosing an appropriate password to use is very important and you will be cursing if, having entered a lot of information, you then forget how to open your Master Key vault!
Contents
First time Use
The first time you use Master Key you will be asked to provide a strong password.
The password you enter will be shown in plain text. It does not hide as it goes along – this is deliberate so that you can see and easily confirm that you have correctly entered the password that you want to us. You should obviously be doing this away from prying eyes!
While the text you enter is validated to only allow you to enter a suitably secure password it is up to you to enter something that you will remember.
As soon as a valid password has been entered the ok button will enable, you can however continue typing to create a longer entry. When you are sure the password is acceptable and memorable to you then press ok.
The open vault screen will be displayed. This will be the first screen that is always presented when Master Key is used in future.
Strong Password
A strong password consists of a word or words with at least seven characters, of which at least one is a capital letter and another a number, symbol or space; examples would be Pa55word, passw0rd!, Freddy1, Rf03£4t( or My Passwords. By using spaces you can create a memorable phrase.
Passwords that are long or more random are less likely to be cracked by somebody using a brute force hacking techniques based on password dictionaries. However you should balance the randomness with being able to enter the password you have chosen quickly and accurately. Of course you should choose one that you will be able to remember!
Opening the Master Key Vault
In order to gain full access Master Key you need to enter the password.
Note there are a number of options available which do not need the password; hence this button is always available. These options are important if you need to reset the current Master Key vault.
When the password has been entered pressing the open button will validate the password. If the password is invalid an error message will be displayed and the password entry box will be cleared. Note that the open button will only enable after a minimum of 7 characters have been entered.
When the correct password is entered and open is pressed then the screen will change to show the current password list.
In order to add, edit or removed entries from the current Master Key vault press the edit button when the correct password has been entered.
After you have entered the correct password if you press options then the options screen will be displayed with all the available options enabled and available for use.
Adding Information
Once the password that opens the Master Key has been defined you use the edit button to display the edit vault screen.
There are three options for editing the entries:
add – will create a new entry
Enter a suitable caption for the entry and then enter the password or other information you want to keep secure. The information in the password box is shown in plain text and does not hide after each character so that you can be sure that it is accurate.
edit – allows the selected entry to be edited.
When you edit an entry the current information for the entry is displayed and can be modified.
delete – will remove the selected entry. You will be asked to confirm that you want to delete the entry.
Options
change password
Changing the password that opens Master Key will only be enabled when the Vault has been correctly opened with the current password. The new password dialog will be shown and you will be prompted to enter a new password. If the new password meets the strong password requirements then all the existing entries in the vault will be re-encrypted with the new password.
The new password will be in effect immediately and will be required the next time Master Key is opened.
new vault
If you forget the password that you use to open Master Key you have no other option than starting again.
This option will allow you to create a new Master Key vault. If you already have entries in the Vault then you will be asked to confirm that this is the action you want to take after which the entries will be cleared and a new Vault will be created. Once cleared there is no way to recover your existing entries unless you have made a backup copy of your phone.
Once the Vault has been cleared you will be taken to the new vault screen.
Getting Support
If you have a problem with Master Key that you think may be caused by a fault with the application or how it works with your Windows Phone then please send an email to: support@metadev.co.uk giving details of the issue.
Remember however that a key aspect of the Master Key is that only you know the password that will unlock your information. If you forget the password then you will have to create a new Master Key vault.
Frequently Asked Questions
What happens if I lose my phone?
If you lose your Windows Phone you should use the remote lock facility to prevent anybody getting access to your personal information. Your Master Key vault will be secure even in the hands of a hacker thanks to the advanced AES encryption employed to secure your information.
How secure it my information?
The most likely cause for somebody being able to get access to your Master Key is that they know your password. Keep it secret and change it if you think your security has been compromised.
All password information within Master Key is encrypted using Microsoft AES encryption that is provided as part of the .NET Framework that is used to write applications for the Windows Phone and it is highly unlikely that anybody will be able to open your Master Key and see your passwords.
The password you use to open Master Key is not stored on your phone and as such cannot be recovered. If you forget the password you will have to recreate your Vault.
What is AES Encryption?
AES is one of a number of different encryption methods supported by Microsoft and is far more secure than any ‘amateur’ security process that might be implemented.
For more information on AES please take a look at these web sites:
http://msdn.microsoft.com/en-us/library/92f9ye3s.aspx
This Microsoft site contains a good introduction to cryptology. The section of particular interest is called ‘Secret Key Encryption’ and within this there is a link to how the AES algorithm can be used to secure data.
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
This Wikipedia link gives more details on the AES algorithm including information on how it may be broken (answer: brute force and/or lots of time…)
Is the information backed up when I back up my Windows Phone?
Yes. All the information will be backed up and all of your passwords, will of course, be encrypted just as they are when Master Key is inactive. You should remember however that should you have to restore a backup then you will have to use the same password that you were using when the backup was made.