[Review] Abylon KEYSAFE

{rw_text}Giveaway of the day for August 17, 2009 is:

Abylon KEYSAFE

Version reviewed:

v7.30.07.2

System Requirements:

Windows 2000/XP/Vista

Software description as per GOTD:

Easy to use password manager for sensitive data and password administration. Online banking, email accounts and the Windows logon credentials are only some examples for using passwords. Can you keep all passwords in your mind?abylon KEYSAFE is a simple password manager that takes care of all your secret passwords. You need only one MASTER-password or alternatively a removable media (e. g. memory stick), CD, chip card or an X.509-certificate as “key”. For your convenience, the stored data can simply be dragged and dropped into the appropriate fields of the browsers or dialogue boxes, when needed.
The application provides a generator for random passwords and Anti-Keylogger functionalities: “Password Scrambler” and “Image input”.

Ashraf’s Note:

As most dotTechies know, as per my agreement with GOTD, I am given information on giveaways prior to their release but I am not given the ability to register them. So I use trial versions to evaluate the giveaway for my review. Therefore my screenshot may say something like “trial” or “register” or something similar. Just ignore that. When you download the giveaway you should be able to register it just fine.

————————-{/rw_text} –>

{rw_good}

  • Uses AES 256 and Blowfish 448 encryption algorithms.
  • Has a built in password generator.
  • Nice “password scrambler” feature.
  • Can create backup of your passwords.
  • Has an optional token authentication system.

{/rw_good} –>

{rw_bad}

  • No real browser integration.
  • Cumbersome/nonexistent way to create multiple “keysafe”/profile.
  • Horrible English…
  • No password hint or ability to recover password if you forget password.
  • Bug when creating a “keyfile” and turning password astricks off.
  • You must manually rename every new entry after you create it.

{/rw_bad} –>

{rw_score}
{for=”Ease of Use” value=”6″}While using the actual program is not hard at all, the lack of proper browser integration makes this program very annoying to use.
{/for}
{for=”Performance” value=”10″}Saves and stores passwords just like it claims.
{/for}
{for=”Usefulness” value=”5″}Without proper browser integration this program is not very useful.
{/for}
{for=”Arbitrary Equalizer” value=”6″}This category reflects an arbitrary number that does not specifically stand for anything. Rather this number is used to reflect my overall rating/verdict of the program in which I considered all the features and free alternatives.
{/for}
{/rw_score} –>

{rw_verdict}[tdown]
{/rw_verdict} –>

Abylon KEYSAFE is a program that allows you to store all your usernames and passwords in one program. KEYSAFE encrypts (AES 256 or Blowfish 448 as per the developer’s website… I really am not sure which one it uses because the English is horribly hard to decipher and understand) the usernames and passwords and stores it in a database. You are just required to remember one password to access that database which stores your usernames and passwords.

When you first run KEYSAFE you will be taken through a step by step process to help you setup your first “keyfile”. “Keyfiles” are KEYSAFE’s equiviliant to “profiles”; think of a “keyfile” as a database that stores all your usernames and passwords. The step by step process is fairly short and simple. However the English is really bad for this software (it is written by a non-native English speaker) so don’t try to read too much into.

Here is the step by step process:

2009-08-16_161620

2009-08-16_161630

2009-08-16_161640

2009-08-16_161647

Abylon KEYSAFE has some interesting authentication features, such as USB and token authentication, but unless you are an advanced user and you know what you are doing I suggest just leaving it to all password based authentication.

2009-08-16_161700

2009-08-16_161716

2009-08-16_161849

One interesting feature of KEYSAFE is it has a built in KeyScrambler like feature. You see “Activate PASSWORD -SCRAMBLER” option at the bottom? If you activate that option the keystrokes you type in will be “scrambled” so if any keylogger is on your computer it will not be able to see what keystrokes you typed in (more or less).

Also in addition to typing in your passwords, you can click on the images to incorporate into your passwords. For example you can have a password 9w3BANANAq11. The “BANANA” in the password I just mentioned is not you typing in “BANANA” but rather clicking on the banana picture.

After you are done settings up KEYSAFE, you will be given access to the full program:

2009-08-16_162254

From this main program window there is not much to do because behind all the complex authentication and security methods, KEYSAFE turns out to be a simplistic password management tool. All you basically do is click on “New Entry” whenever you want to store a new username/password combination. You must manually right click every “New Entry” and select rename after you create it if you want it to be called anything else other than “New Entry(x)” (this is very annoying).

After you create a new entry, click on it to add a username, password, and URL to it. In addition to those three, you may enter any random text and create a list for each entry. After you add that information… that is basically it. That is all you can do in terms of data storage with this software. Whenever you want to use your username/password, you need to manually run KEYSAFE and go to that entry. You may click on the “…” to open the website in your default web browser. After that you must manually copy and paste (or drag + drop) the username and password into the website to login. There is absolutely no browser integration what so ever. How useless does that make this software? Fairly useless.

To be fair, I need to mention the fact that there are some other features of this software. One of them is a password generator:

2009-08-16_230531

Another feature is the ability to backup your “keyfile”/profile (via “File” -> “Create Backup”). Another feature seems to be related to a button “Install modules on USB stick”. However this button is grayed out for me so I am not 100% sure what it does. The English in the Help file is so bad I get a headache reading it so I really can’t figure it out either. It may be related to the token authentication or maybe you can install KEYSAFE on a USB to make it portable.

The last thing I want to do before I stop wasting my time reviewing a horrible piece of binary is explain my cons a little bit (the ones I already have not talked about):

  • As per the help file you should be able to create a new “keyfile”/profile by renaming the .XML file related to the keyfile you initially created. I tried that but was unable to create a new keyfile/profile. However even if I was able to get it to work, that is a horrible way to create new profiles.
  • The English in this program is horrible. I usually stand up for non-native English speaking developers who have bad English (I myself am not perfect in English) but this English is so bad it gives me headaches!
  • There is no way to recover your password if you forget it. Now not being able to recover your password is OK with me – many password managers work like that. The problem I have is that there is no “password hint” feature for this program either to help you remember the password.
  • There is a bug when you turn off the astricks when creating a new keyfile/profile initially. After you turn off the astricks and turn them back off, the “Enter password again” field still shows the password unhidden:

2009-08-16_161945

Overall I find this program to be way too simplistic underneath the seemingly complex authentication and security stuff. Thumbs down.

This review was conducted on a laptop running Windows Vista Home Premium 32-bit. The specs of the laptop are as follows: 3GB of RAM, a Radeon HD 2600 512MB graphics card, and an Intel T8300 2.4GHz Core 2 Duo processor.

{rw_freea}

RoboForm

RoboForm makes logging into Web sites and filling forms faster, easier, and more secure. RoboForm memorizes and securely stores each user name and password the first time you log into a site, then automatically supplies them when you return. RoboForm’s powerful Logins feature eliminates the manual steps of logging into any online account. With just one click RoboForm will navigate to a Web site, enter your username and password and click the submit button for you.

Completing long registration or checkout forms is also a breeze. Simply click on your RoboForm Identity and RoboForm fills-in the entire form for you. You no longer need to remember all your passwords. You remember one Master Password, and RoboForm remembers the rest. This allows you to use stronger passwords, making your online experience more secure. RoboForm uses strong AES encryption for complete data security.

-Download.com

—-

RoboForm is an excellent software. Although not open source, it is so widely used, it is pretty much verified as being secure. It has gotten many rewards by reputable magazines/websites. In comparison to KeePass, RoboForm has better integration with browsers if you are using Firefox or Internet Explorer (RoboForm does not work with Chrome or Opera). I highly suggest you try to get RoboForm Pro for free instead of using RoboForm Free because RoboForm’s free version is a bit too limited in my opinion.

Click here to see difference between free and pro.

LastPass

Think of LastPass as a free RoboForm Pro. It basically does everything RoboForm Pro does. The only difference is LastPass is online based. *Gasp* online based I know but be sure to read more about it before automatically dismissing it because LastPass is excellent and secure.

KeePass

What is KeePass?
Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your homepage’s FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem… A serious problem. The thief would have access to your e-mail account, homepage, etc. Unimaginable.

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). For more information, see the features page.

-KeePass Developer

—-

KeePass is an excellent program you can use for storing your passwords. It has many features, the interface is pleasing, and it is very easy to use. Best of all, it is open-source and OSI certified so you can store your passwords in peace. Think of KeePass as the free and improved version of KEYSAFE.

The only major problem with KeePass is that it does not have that great browser integration as RoboForm and LastPass.

PINS

PINs is a free feature-rich Windows program for safe and comfortable storing of any secure information like passwords, accounts, PINs etc. PINs uses a secure 448 bit Blowfish algorithm to ensure the data are not crackable. The password used for securing access to stored data is not saved anywhere.

PINs does not require installation and does not need any special dlls, drivers or system files which can mess up your system. This means that PINs can run directly from floppy – including data files – without installing anything. This is extremely useful if you wish to easily access your data on other computers as well.

-PINS Developer

AnyPassword

AnyPassword is an easy-to-use tool that lets you store and arrange all your passwords, user IDs, and related information in a tree form. The program saves this information in encrypted files which can be protected by a password. So, the only thing you need to remember is the password for the file. AnyPassword can also generate random passwords with specified parameters (length, used characters, etc.). You can find any stored information using the incremental search feature.

-AnyPassword Developer

{/rw_freea} –>

{rw_verdict2}Abylon KEYSAFE is a bad program. Sorry if I offended the developer but the truth hurts. Way too simplistic in my opinion. I will never use this program, nor recommend it, even if it became freeware (which it currently is not since it costs 15 euros – someone convert that into dollars puhleez). My recommendation for today is LastPass. Sure it is not open source and you need to have an element of trust to allow your sensitive information to be stored on servers out of your reach, but LastPass is an excellent password management tool. However if you are like me and still don’t feel comfortable using LastPass (no matter how secure it is), my second recommendation is to try and get RoboForm Pro for free (or use RoboForm Free if the 10 passcard limitation will suit you). If you feel both LastPass and RoboForm will not work for you, you can always fall back on the open source and reliable KeePass.
{/rw_verdict2} –>

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

13 comments

  1. Leland

    Hi Asraf, great to have you back. Here are some additional notes.

    What about PassPack (online password manager) at http://www.passpack.com/en/home/ which is very similar to LastPass. Also, KeePass 1.x is portable and still updated while 2.x requires .Net Framework and so can not be considered fully portable. Another password manager is Password Gorilla (open source) at http://www.fpx.de/fp/Software/Gorilla/ and Password Safe (open source and portable) at http://passwordsafe.sourceforge.net/ and SuperGenPass (bookmarklet) at http://www.supergenpass.com/ which actually does not store the password on a server or your local machine which makes it much harder for someone to use to steal your passwords. Lastly is one last program called S10 Password Vault (freeware for personal use, closed source) found at http://www.s10soft.com/passwordvault.htm With all these options at your disposal you have no reason not to compute safely keeping your passwords locked away…

  2. giovanni

    Hi Ashraf!!

    It’s Giovanni from Italy!!

    How are you man??

    Yes this program is quite disappointing indeed and KEYPASS and LASTPASS are much better than this GAOTD.

    Actually it seems to me that GIZMO’s FREEBIES are more useful and outstanding than those offeref by GAOTD: very strange, isn’t it??

    How do you explain that??

    Anyway, turning back to this SW, if you’re looking to hide files on your PC hard drive, and you are not keen on installing SW like this one enabling you to encrypt folders or change the attributes on a file so that they cannot be accessed by prying eyes, there is actually another easier and cunning way to do so.

    How??

    Well….look at it:

    http://www.online-tech-tips.com/computer-tips/hide-file-in-picture/

    Amazing…isn’t it?? LOL!!

    After all just a few people know that you can do this, can’t you??

    Hey…keep it secret…psss…LOL!!

    Enjoy!!

    Cheers

    Giovannni

    P.S. I got to know about a couple of great FREEBIES that you oddily missed….but need first to make sure whether these special offers are still on or not….

    So I’m about to drop 2 or 3 “bombshells”…LOL!!

    Do you prefer I do that here (for instance opening one or two posts in your nice forum)or by email??

  3. madalpal

    Good day Ashraf & all. Many have warned us about these & other types of security programs from GAOTD & elsewhere, that if something caused data loss or a crash of the OS, a trial or a one-day-free only download may result in the necessity to have to purchase the program to retrieve this important information. I saw a comment by you or another pro recently, which suggested they felt open source was the best type of password protection, because even the free ones like LastPass still would include the risk of data theft or intentional damage by others, both inside the company & by outside hackers.

    Please correct me if I’m wrong, but the safest bet would seem to be something like your recommendation of KeePass. Also, by not having to be installed, neither of the 2 versions available would include having even the remote chance of problems associated with downloads. I’m going to try version 2.X , that has many more features like synchronization. Hope this helps. Al

    http://keepass.info/download.html
    From their website:
    •KeePass 1.x: Runs on all Windows systems without any prerequisites. Does not need to be installed; is portable. Fewer features than 2.x.
    •KeePass 2.x: Runs on all Windows systems with Microsoft .NET Framework 2.0 or higher installed. Does not need to be installed; is portable.

  4. david roper

    This is ugly to say, I suppose, but no one needs to worry about the folks at Abylon understanding enough English to steal anything from me even if it were NOT encrypted.

    Everybody can breathe easy now. ;-)

    There, I have said my snippy, cutty remark for today. Shame on me.

    Now finally, nope, I won’t be using it. Plenty of other fish in the sea and free, too.