Keep It Secret! Keep It Safe!

The Cross Platform Password Manager

Tobias Buchloh

Latest Build: Version 1.0.1 on Mittwoch Feb 08, 2012 20:49:57

Abstract

The basic idea of KisKis™ -project is to create an application that allows you to store all your passwords and sensitive/personal information in a secure file that you can carry with you all the time and that can be opened on different computers. So you can access your passwords whenever you need to. You might even give this file your worst enemy because it would be useless for him without the master password [1] .

KisKis™ will help you to follow the rules for secure password usage. It checks your passwords quality and enables you to use one password for exactly one account, even if you need to access hundreds of different accounts. There is only one master password you need to remember.

Please visit our Screencast Tutorial on youtube [2] for a short introduction.

Try Java Web Start to run the application without any installation effort on your machine.

Have a lot of fun! and let me know if you like KisKis™ .



[1] OK, you need a well chosen master password that cannot be guessed ;-). Please read Password Quality chapter.


Table of Contents

Introduction
Features
Installation
Runtime Dependencies
Running KisKis
Building from source
Manual
Getting started
Account types explained
Generating passwords automatically
Checking password quality
Importing CSV files
Options and preferences
Warranty
Cryptography Verification
Download
Help!
Contributions
Contact

Introduction

KisKis™ is an easy to use platform manager written in Java. So it runs on any platform with an appropriate Java Virtual Machine (JVM) available (e. g. Windows, Linux, Solaris, Mac OS, ...)

KisKis™ allows you to manage passwords and other secret information for many different purposes such as network, mail or internet accounts, credit card pins, bank accounts witn TAN lists and password secured files. Each account can be described by multiple attributes (e. g. user name, URL, expiry date) and comments. The history of each password change can be tracked. Multiple file attachments can be added to each account. You can define your own account templates with custom data fields to meet your needs.

Figure 1. Editing a bank account with TAN-lists and PINs.

Editing a bank account with TAN-lists and PINs.


The accounts can be grouped hierarchically within a tree structure . A simple search function filters the tree view for what you are looking for. You will not lose track of all your data even if you have hundreds of different accounts.

New passwords can be generated automatically in three distinct ways. The first one is a secure approach generating totally randomized passwords with many special characters - hard to read and hard to remember. The second approach generates much more readable passwords. At last you can generate passwords from a user defined template. The password quality is visualized as well. You can test your passwords with an internal password cracker against a dictionary with more than 1.6 million words.

All passwords are stored in a single XML file encrypted by a single "master password". AES-{128, 256} [3] , Blowfish, Twofish and other encryption algorithms can be used. The encryption algorithms suffice the OpenPGP-standard [4] , so you can verify the implementation with GnuPG (GPG) or Pretty Good Privacy (PGP) [5] . That means you don't have to believe me that your secrets are kept safe you can verify it easily ;-)

An open architecture is the key to build up trust and security. You can export all your data into different formats if you are fed up with KisKis™ and if you switch to another password manager.

Existing data can be imported via comma separated value files (CSV).



[1] OK, you need a well chosen master password that cannot be guessed ;-). Please read Password Quality chapter.