571898632f
[ADDED] The master password can now be changed. [IMPROVED] Flow of handling the master password when activating the app. [IMPROVED] iTunesArtwork & icons. [ADDED] Elements are now scoped to the current master password. [ADDED] Lots of documentation for the user: - Settings - FAQ - A quickstart guide
177 lines
8.9 KiB
HTML
177 lines
8.9 KiB
HTML
<!DOCTYPE HTML>
|
|
<html>
|
|
<head>
|
|
<style>
|
|
body {
|
|
color: white;
|
|
text-align: center;
|
|
text-shadow: 0 1px black;
|
|
font: 16px "Baskerville";
|
|
}
|
|
h1, h2 {
|
|
margin-top: 1.5em;
|
|
padding-top: 1em;
|
|
font-family: inherit;
|
|
font-weight: bold;
|
|
}
|
|
h2 {
|
|
font-size: inherit;
|
|
}
|
|
i {
|
|
font-weight: bold;
|
|
}
|
|
q {
|
|
font-style: italic;
|
|
}
|
|
img {
|
|
display: inline-block;
|
|
height: 1.4em;
|
|
margin: -0.2em 0;
|
|
vertical-align: middle;
|
|
}
|
|
a, a:link {
|
|
color: inherit;
|
|
font-weight: bold;
|
|
}
|
|
</style>
|
|
<script src="jquery-1.6.1.min.js" type="text/javascript"></script>
|
|
<script type="text/javascript">
|
|
function setClass(activeClass) {
|
|
$(".Class").css("display", "none");
|
|
$(".Class." + activeClass).css("display", "block");
|
|
}
|
|
</script>
|
|
</head>
|
|
<body>
|
|
<h1 onclick="setClass('OPElementStoredEntity')">One Password</h1>
|
|
<h2 onclick="setClass('OPElementGeneratedEntity')">by Lyndir</h2>
|
|
|
|
<h2 id="1">— 1 —</h2>
|
|
<p>
|
|
<b>Find the site</b> that you need a password for by entering it into the <i>search field</i>.
|
|
</p>
|
|
<p>
|
|
<b>While searching</b>, previously used sites will show up along with a <i>usage counter</i>.<br />
|
|
The counter indicates the amount of times you've generated a password for that site.
|
|
</p>
|
|
|
|
<h2 id="2">— 2 —</h2>
|
|
<p>
|
|
<b>The site</b>'s password is now displayed.<br />
|
|
Tap it to <i>copy the password</i>. Once copied, you can switch to another application and paste it into a password field.
|
|
</p>
|
|
|
|
<p class="Class OPElementStoredEntity">
|
|
<b>To change</b> the password for this site, tap the <i>edit icon</i> <img src="icon_edit.png" />.
|
|
</p>
|
|
<p>
|
|
<b>Below the password</b> you can set the <i>password type</i>. Some types <i>create a password for you</i>,
|
|
others let you <i>choose your own</i>.
|
|
</p>
|
|
<p class="Class OPElementGeneratedEntity">
|
|
<b>If the site complains</b> when you try to set or update the password, try changing the password type.
|
|
</p>
|
|
|
|
<p class="Class OPElementGeneratedEntity">
|
|
<b>To create another</b> password for this site, you can increment the <i>password counter</i> <img src="icon_plus.png" />.
|
|
This is useful, for example, when you've had to share the password with somebody else.
|
|
</p>
|
|
|
|
<h2 id="faq">— F.A.Q. —</h2>
|
|
|
|
<h3>What is this thing?<br />
|
|
How do I use it?</h3>
|
|
<p>
|
|
The idea of this application is that you <b>change all of your passwords</b> everywhere to a password
|
|
generated by this app.
|
|
</p>
|
|
|
|
<h3>That's crazy talk.<br />
|
|
Why would I do that?</h3>
|
|
<p>
|
|
Everybody everywhere uses passwords for authentication nowadays. The theory of password authentication is
|
|
simple: It's a secret word that <b>only you</b> and the other party know. So, because nobody else knows
|
|
your secret password, nobody else can log into your <abbr>E-Mail</abbr> or Twitter account with it.
|
|
</p>
|
|
<p>
|
|
That's fine and dandy in theory. In practice, it's an <b>absolute hell</b>. In modern times, people have
|
|
hundreds of accounts on sites all over the Internet. So does that mean we're all remembering hundreds of
|
|
secret passwords? No, of course not. That would be <i>impossible</i>. If you're like most people, you
|
|
remember one or two passwords, and use those for all your sites everywhere.
|
|
</p>
|
|
<p>
|
|
<q>So what</q>, you say? Here's the problem: You're not the only one that knows your secret password. Each
|
|
time your make an account with a site and tell them your secret password, <i>they know it too</i>! Nothing
|
|
is stopping them from trying to log into GMail, Hotmail or Twitter with the same password and username you
|
|
used to register with their own site. Even if you only give your password to sites you trust, all it takes
|
|
is for one of those sites to get hacked and loose their password database. Those hackers now have all it
|
|
takes to impersonate you. This is, in fact, so common, that it's one of the main reasons people's accounts
|
|
are getting hacked or compromised nowadays.
|
|
</p>
|
|
<p>
|
|
This app <b>solves the problem</b> by letting you remember only a single password without requiring you to
|
|
share the password with anyone else. Instead, the app creates secure passwords for use with whatever site
|
|
or purpose you might need a password for.
|
|
</p>
|
|
|
|
<h3>Uh, so what if I loose my device?<br />
|
|
I'm locked out of everything?</h3>
|
|
<p>
|
|
<b>Absolutely not!</b> In fact, generated passwords aren't even stored on your device. No, not in the
|
|
cloud either. They're not stored anywhere! What that basically means is, if you grab the iPhone of the
|
|
person sitting next to you and open this app on it with your own master password, <i>it'll give you all
|
|
your generated passwords</i>. So, if you loose your phone or forget it, just borrow a friend's phone or
|
|
get a new one, and you're back in business. No backups or restores needed.
|
|
</p>
|
|
<p>
|
|
That also means that, unlike all those apps that store your passwords or send them off to be stored
|
|
on the internet, your passwords are much safer. Nobody knows about them. If your device is stolen,
|
|
the thieves can't get at them.
|
|
</p>
|
|
|
|
<h3>I entered my master password on my friend's app. It just says <q>Invalid master password</q> and exits!</h3>
|
|
<p>
|
|
For your own protection and to avoid opening the app after <i>mistyping</i> your master password (and thus
|
|
generating bad passwords for your sites), the app normally checks whether you're entering the same master
|
|
password as the one you've been using before.
|
|
</p>
|
|
<p>
|
|
To open the app with <b>a different master password</b>, just go into your device's <code>Settings</code>, find
|
|
<code>Master Password</code>'s settings somewhere near the bottom, and flip the setting: <code>Change my
|
|
password</code>. The next time you open the app, you can enter a new master password. Don't worry:
|
|
you're not wiping your friend's passwords this way. All he needs to do to get back at his own passwords is
|
|
flip the switch again and change back to his own master password.
|
|
</p>
|
|
|
|
<h3>Great, but that still means I need my phone to access anything.</h3>
|
|
<p>
|
|
Correct. However, remember that usually you'll only need to use this app once for each site. Imagine
|
|
you're usually on your MacBook Air. You go to Twitter, it asks for your password. You get your phone out,
|
|
start the app and generate the password for <code>twitter.com</code>. You copy the password manually by
|
|
typing it out on your MacBook Air. You may notice that the generated passwords have been created such that
|
|
they're fairly easy to copy. Once you log in, though, your MacBook will ask you to save the password in its
|
|
key chain. Agree to that, and you won't need to bring up your phone again the next time you log in to
|
|
Twitter.
|
|
</p>
|
|
<p>
|
|
If you're still worried, the app's homepage details <b>the algorithm</b> used to generate your passwords.
|
|
There's also <b>a Bash script</b> that you can use to generate your passwords on any POSIX system (such as,
|
|
your Mac). A Mac version of this app is also in the works so that you can easily get to all your passwords
|
|
without needing to bring up your phone.
|
|
</p>
|
|
|
|
<h3>This stuff is gold.<br />
|
|
I want one branded for our company.</h3>
|
|
<p>
|
|
Contact me directly for enterprise inquiries. I can provide branded clients and enterprise distribution
|
|
if your company is interested in deploying this solution internally.
|
|
</p>
|
|
|
|
<footer>
|
|
<a href="http://masterpassword.lyndir.com">Homepage</a> | <a href="http://www.lyndir.com">Lyndir</a> |
|
|
<a href="http://www.lyndir.com/contact">Contact</a>
|
|
</footer>
|
|
|
|
</body>
|
|
</html>
|