ForgotIt? (Password Keeper)
Erich H Rast
info, views, download, rating, security, insecure
ForgotIt? manages all these passwords you barely can remember and have almost forgotten. Instead of writing them down on little pieces of paper. 1.3 Added support for Mac OS X, the download link for the 68k 1.3 does not exist on the authors website, so we will start assuming that the author has discontinued 68k support
SecureMac has played with the program, one of our main concerns was where is the password kept and encrypted. We asked the author for a little more explanation:
ForgotIt? uses a 560-bit Blowfish encryption algorithm produced by a
reliable third-party developer. The Blowfish key is generated in memory and
all unencrypted password list data is held in memory as well. Anything
written to disk is encrypted and there is no key stored anywhere on disk.
I have full trust in the original developer of the Blowfish-encryption
module and know him personally, but as I don't know the implementation
details of the module itself, I have to consider my application's
encryption security below military and big company level security. By that
I mean that the encryption of ForgotIt? is strong enough to withstand
attacks by any private person, smaller groups or associations / companies,
but there might be a possibility that a professional, high-cost
cryptanalysis at military/governmental/big company level eventually would
break the encryption of a given password list.
cont. program has a nice GUI to follow, quick processing. Worth taking a look at if you believe you should make every password different, but have a hard time remembering them.
Current Download Version: 1.3
68k download: snafu.de
PPC download: snafu.de
Mac OS X download: snafu.de
ForgotIt? is a 15.00 shareware fee. Read the README for more instructions
There was a bug in version 1.3 that caused an 1,010 error on launch on systems prior to OS 9. This has been fixed. If you have downloaded version 1.3 and it doesn't run on your system, please go to the Download Page and get a patch. I'm sorry for any inconvenience you might have had.
"After version 1.3.2 has been released, I will be even more busy than I have been before. I'll continue working on ForgotIt?, but please be patient. Let me know if there are any features missing in the current version — perhaps I'll be able to include them in version 1.4. "
A little trick: You can add a login and password directly to an FTP-URL. An FTP-URL has the following syntax: ftp://login:firstname.lastname@example.org/path1/path2/
Such an URL directly leads you to the directory path2, whereas the login and password is entered automatically. (Of course you have to replace "login" and "password" with your real login and password.)