The Vault - Secure Password and Document Storage
By BestApps BV
Open the Mac App Store to buy and download apps.
==[ Want to give The Vault a try for free? The Vault for iOS is a free download! ]==
... have trouble remembering tens or hundreds of online passwords?
... write passwords down somewhere, even though you know this is not the safest thing to do?
... use the same ("cleverly" modified) password in multiple places, instead of using properly randomized passwords that offer the best security?
... sometimes wish you had a photo of a creditcard, passport or other document handy?
... want to securely store lots of other confidential information, photos, animated GIFs, office documents, you name it?
... want all this to be secure, but still very simple to use?
Then ◆The Vault◆ is for you!
The Vault provides straightforward, easy to use, secure storage for all your documents and other data, such as passwords, login credentials and any other confidential information. It can securely store any number of documents, images, screenshots or photos along with your confidential information.
* 256-bit AES encryption *
While storage and access is simple, The Vault uses rock-solid, industry standard encryption.
[technical details below]
◆ ◆ ◆ WHY IS IT BETTER ? ◆ ◆ ◆
▸ The Vault is very simple to use, yet it employs industry-standard encryption to keep your data safe.
(Some other payed apps do too, but some apps advertised as "secure" really do not, and for example save your data using a simple base-64 encoding: your information looks scrambled, but is as readable as plain text when you know how).
▸ The Vault can securely store photos and pictures; for example a scan of your passport, a photo of your credit card, or just the serial numbers of some equipment you own. Anything.
▸ The Vault can securely store *any* office or other document.
▸ The Vault can securely store - and play - animated GIFs.
▸ Securely storing photos and documents is as easy as drag-and-dropping them on an open Note.
▸ Proper random password generation
▸ Auto-shields sensitive information
▸ Securely synchronizes with The Vault for iOS! Please note that you need to have the SecureSync feature installed on your iOS devices for them to be able to SecureSync with The Vault for Mac.
◆ ◆ ◆ TECHNICAL DETAILS ◆ ◆ ◆
This is the part that matters.
This is the part that is hard to get right.
This is the part that makes the difference between actual security and insecurity.
Claiming “military-grade” (or “industry standard”) encryption is meaningless.
Even claiming “256-bit AES encryption”, in itself is not very meaningful.
Claiming “military-grade” encryption and subsequently simply hashing a master passcode - e.g. using SHA, MD5, or, god forbid, nothing at all (!) - is NOT good.
What ís good is to use a proper key derivation algorithm such as PBKDF2, scrypt or bcrypt.
AES is better than ancient algorithms such as Blowfish, Twofish or 3DES.
But even for AES: an app that does not combine encryption with authentication... is doing it wrong. Currently there is some consensus that the best construct is to first encrypt a message and then calculate a message-authentication code, instead of the other way around.
These things matter.
◆ ◆ ◆
The Vault uses PBKDF2 key derivation with an HMAC-SHA512 PRF, and HMAC-SHA256 Encrypt-then-MAC authenticated 256-bit AES encryption, using CommonCrypto functionality only. All cipher and MAC worker keys, as well as all salts and IVs, are purely random data. Keys and IVs are never reused. Each singular piece of data is encrypted with a unique random encryption key, and authenticated with a unique random HMAC key.
Your Master Passcode is never stored; and neither are the derived cipher keys.
◆ ◆ ◆
THE ONLY THING ●YOU● HAVE TO DO?
Choose a long master passcode. Make it long, and make it random!
Read more about why and how inside the app.
What's New in Version 2.4.4
▸ You can now recreate the set of default Template Notes
▸ Set an alternative webbrowser so you can determine - per HotContent URL - if you wish to open it in your default webbrowser or in an alternative browser
▸ You can now rehide sensitive HotContent from the right-click context menu
▸ Now auto-hides credit card CVC codes for you
▸ Bug fixes
▸ Improves HotContent parsing of sftp:// URLs
▸ Improves display and animations for the Preferences Window
▸ Fixes several other minor visual glitches
▸ Subtle redesign with the goal of creating a cleaner overall look and slightly more task-focussed views.
Update 2.2.6 - 2.4.0
▸ Add "Most Recently Edited" folder to The Vault for Mac !
▸ You can now add a new Note to any folder from anywhere
▸ Add "Just Clear Clipboard now" option as alternative to "Auto-Deny Clipboard Access forever" when sharing data
▸ 2.2.8 Improves app Auto-Deny / Clear Clip flow for apps that repeatedly request SecureCopy-Paste data.
▸ Improved URL checking: removes redundant IP4 checking
▸ Faster sorting of MRE folder variants
▸ Improves SecureShare handling of very large Notes
▸ Better parsing of Password, Username and other 'HotContents' in relation to surrounding whitespace
▸ Improves keyboard handling for option-selection in Preferences window
▸ Improves real-time updating of Folders and visible Note in response to Preferences changes
▸ Improves initial auto-positioning of The Vault's main window
▸ Improves stability
Update 2.0 - 2.2.5
- You can now set up a default login email address so that when using a "Mail:User:Pass:" Template, The Vault will auto-insert not only new properly randomized password, but will also auto-fill out the Mail: field for you. Try it!
- Optionally (see Preferences Window) let The Vault sensibly adjust the window width to accommodate your Note contents, fitting SecurePhotos and Documents, and finding an optimal width to fit your Note text as well.
- Optionally (see Preferences Window) inline SecurePhotos and Documents in your Note text, making your text automatically flow around it.
- Restore SecureBackup Bundles directly from The Vault for Mac
- Adds "Auto-deny forever" option to Secure Copy-Paste for applications that repeatedly attempt to access your secure clipboard data
- Optionally reveal only the last 4 digits of a hidden credit card number
- Improves handling of sandbox issues that may cause SecurePhotos to be displayed as "inCloud" icons instead of the actual photo
- Improves HotContent matching of credit card numbers and long numbers in general
- You can now directly access "HotContent Settings" from any HotContent link
- Adds Secure Copy-Paste! Protect your confidential information from clipboard-sniffing malware.
- You can now also revoke a previously granted paste permission
- Now allows repasting secure content multiple times, even when The Vault is running in the background
- You can now "Esc" out of the app from the Preferences window
- Adds How-To info section
- Improves handling of Master Passcode updates
- Fixes SecureSharing of bundled SecurePhotos and other SecureDocuments
- Better handles deletion of Notes immediately after receiving a SecureShare