Regex Password Vault Blog

Tip: Safely Email Documents Using Regex Password Vault

by Shawn O'Hern September 26, 2012

Have you ever needed to email someone a sensitive file or document?

Sending files and documents via email can be risky without encryption. Maybe you use an enterprise email system that has encryption built in, or you already have encryption software installed on your computer. But what if you don't?

Regex Password Vault can be used in a pinch to encrypt files and documents and make them safe to transmit via email. This is thanks to a little-known feature of Password Vault: file attachments. You can attach files and documents to a password in a Vault file; the attachments are always encrypted. Then you can safely email the Vault file containing the attachments. The file can't be opened without the correct master password.

Follow the steps below to safely email someone sensitive files or documents:

  1. You will probably want to create a new Vault file to hold the attachments (unless you also want to send all of your personal passwords to another person). So click File > New Vault File. Follow the instructions to create a new file. Choose a strong master password, keeping in mind that you will have to share it with the other person.
  2. Create a new password by clicking Edit > New Password.
  3. Click the Attachments tab. Now you can drag as many files as you want into the File attachments box.
  4. Click OK. Save the Vault file.
  5. Now you can attach the Vault file to an email and send it. Note that the original source files on your computer have not been modified and are not encrypted.
  6. You will need to share the master password with the recipient. Either send it in a separate email, or call the recipient on the telephone to tell them the password.
  7. The recipient will receive the email and the master password, open the Vault file, and be able to save the files and documents to his computer.

The recipient will need to install Regex Password Vault on his computer to be able to open the Vault file and access the attachments. It is a free download from our website. As long as the Vault file has no more than 15 passwords, the recipient can open it without needing to purchase a license.

Categorized as: Password Vault Tips

7 Steps for Choosing a Strong Password

by Shawn O'Hern August 24, 2012

Below are 7 steps to help you choose strong passwords. By following these steps and using strong, unique passwords, you will greatly enhance the security of all your password-protected accounts.

1. DON'T use an obvious password ("password", "123456", "qwerty", etc.)

This shouldn't even need to be written. But unfortunately, every time there is a security breach in the news, there inevitably follows a story about how someone analyzed the leaked data and determined half of all user accounts have "letmein" as their password.

This can't even be characterized as mere laziness. If you use one of these passwords, you are practically begging to have your account hacked.

2. DON'T use names, nicknames, dates, or any meaningful numbers

Don't use your child's name, your pet's name, birthdays, anniversaries, or your old football number. These are all too easy to find, either through public records, or just a little bit of Googling.

3. DON'T use words

Attackers have access to dictionaries too. It is trivial for a hacker to launch a brute-force attack to try every word in the dictionary. They can also anticipate tricks such as using a non-English word, or replacing "s" with "$".

4. DON'T use the same password everywhere

Hopefully you are never unfortunate enough to have one of your passwords stolen or leaked, but you never know. If you are in the habit of using a different password for every account, at least the damage will only be limited to that one account. On the other hand, imagine if that same password could also be used to get into your email, online banking, and social networking accounts...the result could be devastating.

5. DO use the longest password possible

If your password must be between 8 and 15 characters, make it 15. Each additional character makes your password exponentially harder to crack.

6. DO use random passwords when possible

The strongest password you can create is a completely random sequence of uppercase and lowercase letters, numbers, and symbols. If you use a password manager (or if your brain actually has the capability to memorize these things), this is the only type of password you should be using.

7. DO build passwords out of phrases

When a password manager isn't an option, your best bet is to use a long phrase. If you can use the entire phrase for your password (some systems will allow very long passphrases), that is great! Otherwise, you can create your password using the first letter of each word, the punctuation in the phrase, and even some numbers substituted in for good measure.

This system works well because phrases can be easily memorized, but are quite difficult for an attacker to guess. In this regard, the more nonsensical the phrase, the better. Don't use quotes or phrases that are published, try to think of your own.

For example, the phrase:
Sally said, "Look! Harry the goose jumped over the moon."
can be turned into the following password: Ss,L!Htgj0tm.

Categorized as: Personal Security

Password Vault 5 Beta Testing Open

by Shawn O'Hern July 29, 2012

We want you—to be a beta tester! We are looking for users interested in testing the newest version of Regex Password Vault, Version 5. You don't need to have used Password Vault previously, and you don't need to have testing experience. We want feedback from all types of users.

Signing up is easy and free: just register at http://www.pvault.com/beta/. You will receive a download link and product key. Then simply start using Password Vault 5 on a day-to-day basis. If there are things you like or dislike about the software, or if you happen to find a bug, let us know. There is a feedback form directly in the software, or you can contact us through our website. At the end of the beta, there is an online evaluation form we will ask you to fill out.

To thank our testers, everyone who completes an evaluation form will receive a free license for the full version.

So please register today at http://www.pvault.com/beta/ and help us continue to improve Regex Password Vault!

Categorized as: Announcements

Password Vault 5 Announcement

by Shawn O'Hern July 29, 2012

We are proud to announce the release of Regex Password Vault 5, the latest version of our password manager and form filler for Windows.

For Password Vault 5, our focus has been on polishing the user experience. We want to make managing your passwords easier, more efficient, and more fun.

What's new in Password Vault 5?

  • We have added new AutoComplete toolbar buttons to Internet Explorer, Firefox, and Chrome to make it a snap to AutoComplete passwords and identities on webpages.
  • You don't have to worry about manually saving your Vault file anymore. We have added auto-save functionality. Your file will be saved every 10 minutes by default (you can change this interval or disable it completely).
  • It is now possible for you to AutoComplete just a portion of a webpage if needed. For example, if there are fields that are already filled and you do not want them to be disturbed. Just use your mouse to select the fields you want filled, and Password Vault will AutoComplete only those fields.
  • We have worked hard to improve the functionality and appearance of the user interface and notification area (system tray) menu. Lots of little improvements have been made (see if you can find them all). There are now three attractive themes to choose from.
  • Backups of your Vault file are now managed smarter. Old backups are purged once they reach a certain age, which solves the problem of ever-growing numbers of backups taking up space on your hard drive. The backup location is now per-computer, which is very useful if you use the same Vault file on multiple computers.
  • You can now delete multiple items or change multiple sharing permissions in a single operation, which is a huge timesaver.
  • Multi-user concurrent editing can now be turned off. When turned off, the first user to open a Vault file can make changes. All subsequent users will open the file in read-only mode (similar to how Microsoft Excel works). This behavior will be far less confusing for groups that desire multi-user capability without needing concurrent editing.
  • You now have the option to install Password Vault under a standard (non-admin) Windows user account.
  • The MSI-based installer has been replaced by a new technology. The installer corruption and other problems that some users have been experiencing should now be just an unpleasant memory.

Regex Password Vault 5 is available for beta testing today. Everyone is invited to try out the newest version of Password Vault...and that includes you! Please visit http://www.pvault.com/beta/.

Categorized as: Announcements

Yahoo Breach Exposes Over 450,000 Passwords

by Shawn O'Hern July 13, 2012

Yahoo confirmed yesterday that login credentials for over 450,000 user accounts associated with its Yahoo Contributor Network were compromised on Wednesday and published online. You can read more about this story here and here.

What information was leaked?

Usernames and passwords for over 450,000 users. Approximately 300,000 of those accounts were for non-Yahoo email services, such as Gmail, Hotmail, and AOL. This is because many users opt to log into Yahoo Contributor Network with a non-Yahoo email address. Additionally, personal data (such as full names, addresses, birthdays, and phone numbers) associated with the compromised accounts were leaked as well.

Who is at fault?

This incident appears to be the result of lax security practices by Yahoo. The exposed passwords were stored in plaintext form, which never should have been allowed. And the hackers claim to have accessed the data using a SQL injection attack, which is a fairly simplistic type of attack. The fact that a tech company as sophisticated as Yahoo did not take precautions to prevent this type of attack is quite disturbing.

Even if my account wasn't compromised, what can I learn from this?

The most important lesson is don't use the same password for multiple websites. Use a different password for each site. That way, if your password is ever compromised on one site, attackers won't be able to use that same password to gain access to your other accounts.

Also, it's always a good idea to use strong passwords made up of random sequences of letters, numbers, and punctuation. Don't use whole words or easy-to-guess sequences such as birthdays or "123456". Although a strong password wouldn't have helped you in this case (the passwords weren't guessed by the attackers, they were leaked directly by Yahoo), it's a best practice nevertheless.

A password manager such as Regex Password Vault makes it incredibly easy to use strong, unique passwords for each of your accounts. Regex Password Vault can securely store an unlimited number of passwords, it can fill login forms for you so you don't have to remember those passwords, and it has a random password generator to create strong passwords with a single click.

Categorized as: Security News

What is Regex Password Vault?

Regex Password Vault is a password manager and form filler for Windows. It simplifies your life by remembering all your usernames and passwords for you, saves you time by logging you into websites and filling out long web forms with a single click or keystroke, and keeps you safe online by making it easy to use strong, unique passwords for all your accounts!

Introduction
Features
System requirements
Download a free trial