Safepad has started becoming quite a popular tool with people, and I get feature requests from users all the time. The 2 most common requests are the following:
Caching of session passwords.
Generating user passwords to be stored in a secure document.
On this latest release I have focused on these 2 requests.
Caching of Session Passwords
In the previous versions of SafePad, everytime you open a document you have to enter in a password(s). Some users have found this a little painful, because for certain groups of files they use the same master passwords to secure the files, so they felt that when the application is open, they shouldn’t have to re-enter the password each time if the file has the same password.
This has been the most asked for feature request,so I have added it into Version 1.3. As you can see in the screen shot below, when you load a document, there is a check box to ‘Cache Password for Session’ when you check this box, the password(s) will be cached in memory (in encrypted form), so that the next time you open a file with the same password it will just open. If you try to open a file that uses a different password, you will be re-prompted to enter the password.
Once you close the application the cached password will be removed, so it will need re-entering when you load up the application. I didn’t want to get into the problems of saving the encrypted passwords to disk, I would rather just keep them in memory. I hope you find this a big usability feature. I have been using it for over a month (at the time of writing) as I keep all my staff 1 to 1 notes in encrypted files, so it is nice to be able to just open the files in a sessions without entering the password every-time.
I have recently released version 1.2 of Safe Pad. Safe Pad is a encrypted text editor that allows you to protect your documents using strong FIPS Compliant AES Encryption using up to 2 passwords to generate your encryption key. Safe Pad is open source and has been released under the GNU Public License.
I have now released version 1.1 of my popular encrypted notepad application SafePad. Version 1.1 focuses on many of the requests I have had from users. These are mainly around usability.
What is SafePad
SafePad is a simple FREE text editor that lets you encrypt your documents using 3 cascaded iterations of AES encryption (Advanced Encryption Standard). To protect your document you have to provide 2 passwords. Passwords have always been a problem when it comes to security as users tend to pick a password that is easy for them to remember. This also means that the password is most likely easy to crack. By using 2 passwords and performing multiple rounds of encryption, it makes it much harder to crack the passwords. If someone manages to crack password 1, all they will get back is encrypted text, so it would be very hard to them to know they have cracked that password.
Picking strong yet easy to remember passwords is essential when protecting your files. If your passwords are easy to guess or can be cracked by a brute force search then you are leaving your data open to being stolen. Here is a good article over at wolfram.org with some good advice on picking strong passwords.
In this article I am going to cover how the code is structured. To demonstrate the code structure I will use the Architectural Dependency diagrams in Visual Studio 2012.
The main solution file is split into 3 projects. There is the SafePadClientLibrary which contains the code for encrypting the documents, compression, and the handling of the SafePad file format. The domain objects in this library contain all the important routines for making the project work.
Recently I have been doing a bit of travelling for work to visit vendors and this has involved some lengthy train journeys. On these journeys I decided to set about writing a small little application that I had a use for. Initially I wanted a password vault, but when I thought about it more, I realised I wanted a secure way to store all sorts of information, like passwords, license keys, financial data etc.
So, whilst whiling away the hours on the train I started developing Safe Pad. The application is a pretty typical Rich Text based editor, but when you save your documents they are compressed and then stored by encrypting it with AES 256 three times using 2 passwords. This is a similar theory as to when the DES algorithms life was extended by using it to triple encrypt.
AES 256 is already a very strong algorithm, but when used in an application like this people still tend to use rather weak passwords which makes them susceptible to dictionary attacks. Because this application triple encrypts you are prompted to enter 2 passwords, therefore the program encrypts with password 1, then password 2, and then password 1 again. It adds that extra layer of protection for your secrets. Of course, this isn’t an excuse to use weak passwords, I still recommend using strong passwords made up of mixed case letters, numbers and non alpha-numeric symbols.
I have developed the program enough to a stable 1.0 release. It is quite basic, but then again it doesn’t need to be complicated. I have released the source code on CodePlex under the GNU Public license and this marks my first foray into the world of open source software development. Feel free to download the application if you think it will be useful to you. It costs nothing. If you are not interested in messing around with the source code, then there is an installer you can use to install the application. If you feel like adding some features, then the source code is available for you to play around with.