.FLYINGHEAD PRODUCT REVIEW
.TITLE Secure your passwords visually with visKeeper
.AUTHOR Cynthia Green
.SUMMARY If you need to keep track of a lot of passwords, you might want to try visKeeper, a different sort of password manager. To access your password database with visKeeper, you need to know remember where to touch certain spots on an image. Is this a workable idea? Read Cynthia Green’s helpful review to find out.
.OTHER
I found visKeeper, by sfr, to be a fascinating product. I’m a database administrator and, at last count, I have 297 passwords in my password database. It’s not just work (multiple roles on multiple databases on multiple machines), it seems like half the Web sites I visit need me to set up an account and password. I currently keep all these passwords on a database that is not password protected (don’t tell my security people). My previous PDA (a Sony Clie T665C) had terrible Graffiti recognition and it would have been too difficult and time consuming to have to enter a password every time I opened database.
So you can see why I need something like visKeeper.
When you open your visKeeper database (called a safe), you are presented with a picture. Entering your password is as easy as touching one or more points on the picture. But, I am getting ahead of myself (you can tell that this picture thing is my favorite part of this product).
visKeeper comes in three formats: Windows, Palm OS, and Pocket PC. One license ($20 US) gets you all three products. I really like products for my PDA that have a Windows version. I can do the majority of the data entry on my PC and sync it up with my PDA.
.H1 Installation
The PC installation went smoothly. The only thing I would change is to have the documentation included in the executable or ZIP file. The documentation has to be downloaded separately. Once you get the documentation, though, it is well written and offered in PDF format.
The company who created visKeeper, sfr, is a German firm. I have frequently struggled with documentation from software firms in countries where English is not the predominant language (unlike most Europeans, I am only able to speak "American"). These manuals were clear and easy to understand.
.BREAK_EMAIL There’s a lot more to this review. Tap here for the rest.
When you start the program for the first time you are presented with a choice of entering an activation code or selecting a 30 day trial. It’s a 32-digit activation code, so type carefully. The initial screen shows you the default "safe". Figure A shows you what it looks like on the Pocket PC.
.FIGPAIR A Here’s the Pocket PC "safe".
The screen looks different for the Palm OS, as you can see in Figure B.
.FIGPAIR B Here’s the "safe" for the Palm OS.
And, if you’re a Windows user, you can access the same "safe" as shown in Figure C.
.FIGPAIR C Here’s what it looks like in Windows.
.H1 Creating a password
Your first task is to create visKeeper password. Choose "Password -> Change Picture" from the main menu. You will be asked to select a picture (I like the dolphins shown in Figure D). For now, just choose one of the JPG files presented. We will get into how to use other pictures later.
.FIGPAIR D Wow, pretty dolphins!
The Palm OS and Pocket PC are pretty similar — pretty much just a picture and menu bar. The PC version has few more buttons. You can see it in Figure E.
.FIGPAIR E Ooh, rubber ducky!
To create your password, choose between one and eight spots on the picture that you’ll want to click on. You will need to be able to remember the spots you choose and the order in which you touch them! I chose two fins and a rock on the sea bottom from the dolphin picture above.
You can touch the same place several times in a row and it will generate different characters. As you touch each of your spots you will see two alpha/numeric characters appear in the upper left corner of the window next to the visKeeper title, as you can see in Figure F.
.FIGPAIR F As you touch the screen, your password forms.
This is your password. After you click on OK, you will be asked to confirm. If your second try doesn’t match, you are better off cancelling and starting over again. If you forget your password, even sfr GmbH will not be able to decrypt it! You will have to start over!
There are several options you can choose from when creating a password:
.BEGIN_LIST
.BULLET Full screen picture (Palm OS only)
.BULLET Double scale picture (Pocket PC only)
.BULLET Fast login. The safe opens as soon as you have touched the last spot in your password
.BULLET Input precision. You can adjust the precision (how close you have to be to the exact touch spot) between 5 and 40 pixels. The default is 20 pixels.
.END_LIST
To see what the options screens look like see Figure G, which shows the Pocket PC version.
.FIGPAIR G Choose your options on the Pocket PC screen.
If you’re a Palm OS user, you’ll see a screen like that shown in Figure H.
.FIGPAIR H Palm users will have an options screen like this.
And, if you’re using Windows (and you might be whether or not you use Palm OS or Pocket PC), you’ll have a simple options screen like that shown in Figure I.
.FIGPAIR I Here’s how Windows looks setting options.
The picture used for the password is called a visual door or visDoor. The software comes with a couple of images but you can also use your own (JPEG, PNG, OR BMP) or download more choices from http://www.visdoors.com. If you want to use your own picture, you’ll need to download a freeware program called visMill3 from http://www.visdoors.com that will convert your picture into the appropriate Palm or Pocket PC format.
.H1 Data entry
Now you have a security database with strong 128-bit encryption of your data, it’s time to enter the information you want to protect.
Another thing I liked about visKeeper is the flexibility it offers for storing data. There are two levels of information: categories and entries. Categories are used to group like types of information and entries are the details in each of the categories.
The default categories of Logins, Bank Accounts, Contacts, and Email accounts were just the beginning. The first thing I did was to create a category for database logins. It included the database name, user name, password, machine host, and a notes field for miscellaneous information. I deleted the Contacts category since none of my contacts need to be kept secure. Those of you who frequently call numbers like 976-BABE or have a "little black book" complete with ratings may want to keep this category!
You can assign an icon to each category and/or item. About two dozen icons come with the application, but you can use your own if you choose. You can choose any graphic file you like, and the program will reduce it to 16×16 pixels. I tried this with a JPEG file and couldn’t for the life of me tell what I had started with.
I would suggest creating your own icon with an icon editor or downloading whatever icons you like. Crafting a recognizable image in a 16-pixel square can be quite an art. As you can see in Figure J, there is a user icons tab in the icons window.
.FIGPAIR J You can select an icon or add your own.
If you click on that tab and then on Add Icon, a file selection box will appear, as shown in Figure K, where you can add other icons.
.FIGPAIR K Choose from lots of additional icons.
The icons you add here, on your PC, will appear on your PDA the next time you synchronize. You can see the icons on your Pocket PC as shown in Figure L.
.FIGPAIR L Your icons have made it down to your Pocket PC.
If you’re a Palm user, don’t feel left out. You, too, will get icons on your screen, as shown in Figure M.
.FIGPAIR M The icons transfer from your Windows machine to your Palm handheld.
.H1 Import and export
In the desktop version, you can import information from another visKeeper file, a CSV (Comma Separated Values) file, a YAPS (Yet Another Password Safe) file, or a MySecrets file.
While I was able to export my current password database to a CSV file, I found the exported database wasn’t that useful as an import file. I wanted to set up several different categories, and each of those categories had different fields in them. Therefore, field mapping was difficult. I could, however, make extensive use of cut and paste so that I didn’t have to retype everything. There was also a duplicate record function that was useful when entering records where several fields held the same information.
.H1 Keyboard tricks
WARNING – The following paragraph is for those who prefer to use the keyboard to move around on the screen and enter data. those who prefer a mouse or enter everything directly into their PDA will be bored to death!
Since I am a touch typist, I like to have as many keyboard shortcuts available as possible. Every time I have to use the mouse during data entry it slows me down. I am used to the most commonly used Microsoft Windows user interface — Ctrl+F+S gets me file/save, Ctrl+E+F gets me a find dialog, etc.
visKeeper follows most of those shortcuts. I did get a kick out of looking under Edit and seeing the defined shortcuts for Cut, Paste, Undo. I am used to seeing Ctrl+C, Ctrl+V, Ctrl+Z and instead I saw Strg+C, Strg+V, Strg+Z. I assume "Strg" means Ctrl in German. It certainly works the same.
It was also hard for me to learn to move between fields when setting up categories. I’m used to using Tab and instead I had to hit Enter twice. All in all, while it took me a while to get the sequencing down right, I was able to work quite nicely without resorting to the mouse, while entering both categories and entries within categories. Anyone who is interested in that much detail, send me an email and I’ll send you all the keystrokes needed for each task. I need to get back to the general population since the "mousers" and "stylus users" have probably fallen asleep.
.H1 The rest of the story
For those of you who don’t want to use both a PC and PDA version, you can load the application directly onto your PDA (Pocket PC or Palm OS). The PC interface is not necessary. Entering the activation code on the PDA is a little cumbersome (especially for those like me who can’t remember more than 4 numbers/letters at one time). Of course, this is security software and we wouldn’t respect them if they only had 10 or 20 digits in their key. You will want to use the calibrate option when you set a password, especially if you decide to reduce your precision below 20 pixels. Otherwise you could have a hard time hitting the right spot on the picture.
Tech support is GREAT, and believe me I don’t say that lightly. Having done some tech support myself, I’m very critical. While I didn’t call Germany, I did post a few questions on their forum. All were answered within a few hours.
While I really love this product and highly recommend it, there were a few things missing for my particular needs. As I said at the beginning of the article, I have a large password database. Because it is so large, I frequently use the find function to locate the entry I need. visKeeper has no find or sort function.
I would also like to see the ability to create sub-categories. One answer to this is to have more than one safe. You could have a safe for all your financial information and there wouldn’t be so much in one file to go through. I decided, for now, to put the information that needs to stay secure — financial information, system logins for work, and so forth into two safes. I kept the numerous Web logins, where security didn’t matter, in my original database which was unsecured.
Another problem I noticed was that the HotSync doesn’t synchronize. That is going to come out in the next release. Until then, you need to change the custom setting in your HotSync program, and change the visKeeper setting to either have the desktop overwrite the PDA or the PDA overwrite the desktop.
This is a fairly new product; it just came out in April, 2004. Sfr is planning to add sort and find functionality in their next release, as well as the ability to drag and drop items between categories. This new release is due within a month.
.BEGIN_KEEP
They are still up in the air about sub-categories, but have said they will probably put in folders by the end of the year. I could happily settle for folders instead of sub-categories (where the attributes of the parents go down to the children). I just want to organize everything. When those changes come I will put everything into visKeeper and abandon my other database.
.H1 Summary
Here a the pros and cons of this product. First, the pros:
.BEGIN_LIST
.BULLET Visual password. I love this. I can never remember more than a few numbers and letters, so clicking on several places on a picture is easier. Besides, it’s so COOL.
.BULLET Availability of Windows version for data entry
.BULLET Flexibility. Each category can have different layouts.
.BULLET Price. $20 for all three formats.
.BULLET Excellent documentation.
.END_LIST
And the cons are:
.BEGIN_LIST
.BULLET Non-standard keyboard shortcuts;
.BULLET No sorting;
.BULLET No sub-categories;
.BULLET No search feature;
.BULLET No online help, and
.BULLET No true synchronization in the HotSync process.
.END_LIST
Overall I would rate this product with a 4, only because it is missing several key features. Since most or all of those features are going to be incorporated in the next release, and since the next release is expected within a month, I would upgrade it to a 5 at that time.
.RATING 4
.BEGIN_SIDEBAR
.H1 Product availability and resources
For more information on visKeeper, visit http://www.viskeeper.com.
For more information on visDoor, visit http://www.visdoors.com.
For more information on YAPS, visit http://www.msbsoftware.ch/yaps.html.
For more information on MySecrets, visit http://www.tipware.de/english/products/mysecretsW.html.
.END_SIDEBAR
.BIO Cynthia Green is a Senior Database Administrator working in Chicago who has been using Palm OS PDAs since they first came out. She is so dependent on her PDA that she’s thinking of having it surgically attached so she’ll never be without it. Her motto is "If I didn’t write it down, it didn’t happen." She can be reached at cpgreen@ameritech.net.
.END_KEEP
