The first access

At the first launch, it will ask you to agree the privacy policy of the App.

Since the version 1.5.3.0, the privacy policy at the time of the distribution is embedded in the App (and this document will be considered valid for your installation).
In case an update of PwdCrypter© include an update of th privacy policy, it will be offered to you for reading and its reception will be required.
If you won't agree with this, you must uninstall the App from your devices.

The last version of the privacy policy is available here.

The access to the App is although shielded by a password: at the first launch, it will ask you to create a master password.
It is very important remember this password. Without it, you will not able to access to the application.

Menu

In the menu there are the following options:

• Summary. Summary page with some statistic information;
• Passwords list. It gives us the access to the passwords in the list;
• Change the login password. It permits to change the login password of the application;
• Transfer the password list. It gives us the feature for import and export the list of passwords;
• Cloud. From this page you can log to the Cloud service;
• Check your passwords. New feature to perform an analysis of your passwords;
• Backup. Feature that simplify the backup and restore operations;
• List of news. Show the list of the latest news about the App;
• Settings. Page of the application settings;
• Privacy policy. Show privacy policy of the application;
• About. It show a page with the information about the application. It gives us also the link to this manual.

Staring from 18th August 2019, the API of the famouse service called "Have I Been Pwned?" by Troy Hunt requires a monthly subscription.
The reasons of this change was detaily described by the same Troy in his blog.
From the 18th August, the feature available in PwdCrypter that use the API of this service has been down. Due to this, the feature "Check your passwords" has been temporarly removed...
up to the version 2.1.0.0 in which that feature has got the new task of analysing the passwords registered in the App.

Summary

The page shows some statistic information:

• totla number of passwords in the list and subdivision in categories;
• date and time of the last access;
• reference, date and time of the last password registered.

N.B.: if you have filtered the list in order to show the passwords list in the Cloud, the information showed in the summary will be concerning to the that.

Passwords list.

The page shows the complete list of the passwords.
With a button in the toolbar you can apply a filter to the list and change the order of the result.

For open a password and see the detail you have simply to click one of the element in the list.
From this page you are able to modify or remove the password data (using the buttons in the toolbar).

In order to register a new password:

• on Windows 10, use the button in the toolbar of the passwords list page;
• on Android, use the floating button "+" at the botton-right side of the passwords lista page.

The basic information of a password are:

• description;
• account type or category;
• the selection of the username to use in the login form, used by the copy and paste feature for the access module (see the chapter Extensions);
• username;
• password;
• e-mail

The detail information is variable depending on the category.

At the right of every field of these pages is available the button for copy the data to the clipboard.
Additionaly, for the password field is usable the button for show the password as plaintext. In case of insertion, there is also the button for generate a random password (usefull whne you have to create a new account).
A very importanti feature is the complexity level of the password your are typing: more the color is near to the light green and more the password is unguessable.

A detail information that you can find in this new version of the App is the possibility to link attachments to the password.
The attachments are encrypted and grouped with the password data itself.

Change the login password

The feature allow you to change the master password of the application.
Due to the change of the password, the data registered by the App will be recoded.

N.B.: if you have logged in to a Cloud service at least one time, it will be ask you to update the data save in that Cloud platform.
It is not mandatory, but it is advisable in order to keep the data on the Cloud accessable by the App.

Transfer the passwords list

It is important periodically backup our data. For this purpose the App gives you the feature for export the data of your passwords.
Are available the following formats:

• JSON. The passwords data are exported to a plaintext file in JSON format;
• ZIP. The passwords data are exported to a plaintext file in JSON format, as in the previous option.
  The archive contains also the attachments linked to the passwords;
• LIST. It exports the password list to a file with .list extension. The file is encrypted and all the attachments are included (also encrypted).

The first two formats are not encrypted (so they can be read by human). The third format is safer than the others because that file is protected by encryption.

N.B.: Since the version 2.0.0.0 the formats TXT and CSV are deprecated and replaced by the JSON format. The JSON is a format universaly used for data exchanging.

Important note: for importing the encrypted file .list, it is essential that the master password is the same used at the exportation moment.
For security reason, only the user that has exported the data shall be able to import that in the application.
It is also true that if you have changed the master password, you will not be able to import the .list file that you have created before.

Since the version 1.5.3.0, there are two new commands concerned the Cloud feature:

• Download. The command download to local the data available in the Cloud.
• Upload. The command upload to the Cloud the passwords data saved in your device.

WARNING: any backup of your data is won't be done by these two features, that data will be overwrited.
It is user care verify the data in the Cloud and/or in the device before start those operations.

Cloud

The App can use the Cloud as workspace for the passwords data.
This feature is available since the version 1.5.3.0, with only the access to Microsoft OneDrive.
Since the version 2.0.0.0 it is also available the connection to Google Drive.

When the user is logged in to the Cloud, in the filter page of the passwords list you can select the option Search in the Cloud.
In this way, the summary page and all the others features will be going to work with the data in the Cloud.

Check your passwords

Starting from the version 2.1.0.0 the check password feature is come back.
Its behavior has changed compared to the previous version, in which the service "Have I Been Pwned?" by Troy Hunt was used (see section Menu to know the change reason): instead of looking for the account in the archives of "Have I Been Pwned?", now a formal password analysis is performed.

Press the button Start checking your passwords to start the analysis of all registered passwords. A message to screen will inform you about the result of that verification.
A button labeled with Some passwords need attention will appear if any passwords that can be improved will be discovered. This button allow you to show the list of the passwords with potentialy security issues.

The result page is similar to the passwords list page: the scrollable list of passwords, the search bar and the button to set an advanced search filter.
The issues that the feature is able to find are the following:

• Password too weak. A password that it's easy to guess (ex: "password" or "1234");
• Password too old. A password that it's unchanged for at least 180 days.

To skip the check for a specific password, you can switch on the Skip the password check option in the detail page of the password.

Selecting an item in the result list you will open the page with the detail of the analysis:

• Description. The password description;
• Last change. Date and time of the last change;
• Crack time. The (estimated) time that an hacker may takes to guess the password;
• Entropy. It means how much the password is strong. This value is greater depending on how many attempts are needed to guess the password. You can see that like a complexity level for the password.
• Score. Value from 0 (easy to guess) to 4 (very safe).

WARNING: the results you get are obtained by computing and evaluations. A password considered very safe doesn't means that it's impossible to guess.

Backup

This feature has been introduced starting from the version 2.1.0.0 to simplify the backup and restore operations.
The main page shows the date and time of the last backup. If you have set a backup interval (see the Settings section), you can find the date and time of the next scheduled backup.

The button Create a backup allow you to create a backup of your passwords and attachments. The generated file is a ZIP archive which contains the encrypted password file and the folder with the attachment (encrypted) files.
You can also use the Cloud as backup storage.
In particular, for the Cloud storage, you can maintain the backup history (automatically) as you have defined in the Security and access section on the Settings page.

The button Restore allow you to restore the passwords using a backup file. The file you need to select for this operation must be the one you have generated using this backup feature. The export to the ZIP format feature cannot be used for this process.
You can choose to restore a backup available in the Cloud: a specially designed page will show to you the list of available backups.

Settings

The page shows the settings option of the App.
You can set:

• the session timeout. The default time is 5 minutes;
• enable the notifications in App when the feature connected to the browser extension is used;
• enable the local notifications on the device.

This settings are saved locally in your device, so they are not exported by the transfer feature.

Since the version 2.1.0.0 the button Security and access is available, which provides additional ways to access the App and password security settings.

• Check periodically the passwords. It defines the time interval starting from the activation moment for sending local push notifications, as a reminder, to perform the password check;
• Access with. It allows you to define how to access to the App. The master password is the default mode, but you can choose the two factor authentication (2-FA) or the fingerprint access if available on the device;
• Backup frequency. It defines the time interval starting from the activation moment for sending local push notifications, as a reminder, to perform the backup;
• Backup history. It is available for the backup in the Cloud, it defines the expiration date of the backup files. When a backup file expires, it will be automatically removed from the Cloud storage when another backup is created.

If you wanto to use the two-factor authentication to protect the App access, carefully follow the instructions on the page with the QR Code.
In the same page tou can see the backup code to be used in case of loss of the PwdCrypter© configuration of the authentication App you are using.

N.B.: for security reasons, if you export the password list to the LIST format and try to import it in an installation where 2-FA hasn't been set, the same configuration will be forced.
As a result, exporting to the LIST format (included saving to the Cloud storage and backups) becomes incompatible with older versions of the App that don't support 2-FA.

WARNING: the reminder features that use local push notification can have different behavior depending on the device.
It is known, for example, that on some Android devices, the push notification may be shown at the first launch of the App after the expiration date defined by the interval.

Support and information about the application

In this page you can find:

• the information about the author and the App version;
• the link to this guide;
• the access to the App privacy policy page;
• the link to the 3DCrypter website;
• the access to the page with the list of third party component licences.

If you are using an unlock code, you can see that in this page.

For doing a claim about this App or simply for supplying advises, you can use the module at the bottom of this guide.