2
0
MasterPassword/OnePassword/Resources/help.html
Maarten Billemont 571898632f Master password loading improvements + changing + docs.
[ADDED]     The master password can now be changed.
[IMPROVED]  Flow of handling the master password when activating the app.
[IMPROVED]  iTunesArtwork & icons.
[ADDED]     Elements are now scoped to the current master password.
[ADDED]     Lots of documentation for the user:
                - Settings
                - FAQ
                - A quickstart guide
2012-01-29 12:41:48 +01:00

177 lines
8.9 KiB
HTML

<!DOCTYPE HTML>
<html>
<head>
<style>
body {
color: white;
text-align: center;
text-shadow: 0 1px black;
font: 16px "Baskerville";
}
h1, h2 {
margin-top: 1.5em;
padding-top: 1em;
font-family: inherit;
font-weight: bold;
}
h2 {
font-size: inherit;
}
i {
font-weight: bold;
}
q {
font-style: italic;
}
img {
display: inline-block;
height: 1.4em;
margin: -0.2em 0;
vertical-align: middle;
}
a, a:link {
color: inherit;
font-weight: bold;
}
</style>
<script src="jquery-1.6.1.min.js" type="text/javascript"></script>
<script type="text/javascript">
function setClass(activeClass) {
$(".Class").css("display", "none");
$(".Class." + activeClass).css("display", "block");
}
</script>
</head>
<body>
<h1 onclick="setClass('OPElementStoredEntity')">One Password</h1>
<h2 onclick="setClass('OPElementGeneratedEntity')">by Lyndir</h2>
<h2 id="1">&mdash; 1 &mdash;</h2>
<p>
<b>Find the site</b> that you need a password for by entering it into the <i>search field</i>.
</p>
<p>
<b>While searching</b>, previously used sites will show up along with a <i>usage counter</i>.<br />
The counter indicates the amount of times you've generated a password for that site.
</p>
<h2 id="2">&mdash; 2 &mdash;</h2>
<p>
<b>The site</b>'s password is now displayed.<br />
Tap it to <i>copy the password</i>. Once copied, you can switch to another application and paste it into a password field.
</p>
<p class="Class OPElementStoredEntity">
<b>To change</b> the password for this site, tap the <i>edit icon</i> <img src="icon_edit.png" />.
</p>
<p>
<b>Below the password</b> you can set the <i>password type</i>. Some types <i>create a password for you</i>,
others let you <i>choose your own</i>.
</p>
<p class="Class OPElementGeneratedEntity">
<b>If the site complains</b> when you try to set or update the password, try changing the password type.
</p>
<p class="Class OPElementGeneratedEntity">
<b>To create another</b> password for this site, you can increment the <i>password counter</i> <img src="icon_plus.png" />.
This is useful, for example, when you've had to share the password with somebody else.
</p>
<h2 id="faq">&mdash; F.A.Q. &mdash;</h2>
<h3>What is this thing?<br />
How do I use it?</h3>
<p>
The idea of this application is that you <b>change all of your passwords</b> everywhere to a password
generated by this app.
</p>
<h3>That's crazy talk.<br />
Why would I do that?</h3>
<p>
Everybody everywhere uses passwords for authentication nowadays. The theory of password authentication is
simple: It's a secret word that <b>only you</b> and the other party know. So, because nobody else knows
your secret password, nobody else can log into your <abbr>E-Mail</abbr> or Twitter account with it.
</p>
<p>
That's fine and dandy in theory. In practice, it's an <b>absolute hell</b>. In modern times, people have
hundreds of accounts on sites all over the Internet. So does that mean we're all remembering hundreds of
secret passwords? No, of course not. That would be <i>impossible</i>. If you're like most people, you
remember one or two passwords, and use those for all your sites everywhere.
</p>
<p>
<q>So what</q>, you say? Here's the problem: You're not the only one that knows your secret password. Each
time your make an account with a site and tell them your secret password, <i>they know it too</i>! Nothing
is stopping them from trying to log into GMail, Hotmail or Twitter with the same password and username you
used to register with their own site. Even if you only give your password to sites you trust, all it takes
is for one of those sites to get hacked and loose their password database. Those hackers now have all it
takes to impersonate you. This is, in fact, so common, that it's one of the main reasons people's accounts
are getting hacked or compromised nowadays.
</p>
<p>
This app <b>solves the problem</b> by letting you remember only a single password without requiring you to
share the password with anyone else. Instead, the app creates secure passwords for use with whatever site
or purpose you might need a password for.
</p>
<h3>Uh, so what if I loose my device?<br />
I'm locked out of everything?</h3>
<p>
<b>Absolutely not!</b> In fact, generated passwords aren't even stored on your device. No, not in the
cloud either. They're not stored anywhere! What that basically means is, if you grab the iPhone of the
person sitting next to you and open this app on it with your own master password, <i>it'll give you all
your generated passwords</i>. So, if you loose your phone or forget it, just borrow a friend's phone or
get a new one, and you're back in business. No backups or restores needed.
</p>
<p>
That also means that, unlike all those apps that store your passwords or send them off to be stored
on the internet, your passwords are much safer. Nobody knows about them. If your device is stolen,
the thieves can't get at them.
</p>
<h3>I entered my master password on my friend's app. It just says <q>Invalid master password</q> and exits!</h3>
<p>
For your own protection and to avoid opening the app after <i>mistyping</i> your master password (and thus
generating bad passwords for your sites), the app normally checks whether you're entering the same master
password as the one you've been using before.
</p>
<p>
To open the app with <b>a different master password</b>, just go into your device's <code>Settings</code>, find
<code>Master Password</code>'s settings somewhere near the bottom, and flip the setting: <code>Change my
password</code>. The next time you open the app, you can enter a new master password. Don't worry:
you're not wiping your friend's passwords this way. All he needs to do to get back at his own passwords is
flip the switch again and change back to his own master password.
</p>
<h3>Great, but that still means I need my phone to access anything.</h3>
<p>
Correct. However, remember that usually you'll only need to use this app once for each site. Imagine
you're usually on your MacBook Air. You go to Twitter, it asks for your password. You get your phone out,
start the app and generate the password for <code>twitter.com</code>. You copy the password manually by
typing it out on your MacBook Air. You may notice that the generated passwords have been created such that
they're fairly easy to copy. Once you log in, though, your MacBook will ask you to save the password in its
key chain. Agree to that, and you won't need to bring up your phone again the next time you log in to
Twitter.
</p>
<p>
If you're still worried, the app's homepage details <b>the algorithm</b> used to generate your passwords.
There's also <b>a Bash script</b> that you can use to generate your passwords on any POSIX system (such as,
your Mac). A Mac version of this app is also in the works so that you can easily get to all your passwords
without needing to bring up your phone.
</p>
<h3>This stuff is gold.<br />
I want one branded for our company.</h3>
<p>
Contact me directly for enterprise inquiries. I can provide branded clients and enterprise distribution
if your company is interested in deploying this solution internally.
</p>
<footer>
<a href="http://masterpassword.lyndir.com">Homepage</a> | <a href="http://www.lyndir.com">Lyndir</a> |
<a href="http://www.lyndir.com/contact">Contact</a>
</footer>
</body>
</html>