25th January 2021
Foreword: with the name App, application or software I mean PwdCrypter. With login password or master password I mean the password used for access to the application.
This policy may change due to the implementation of new features for the application. If you don't agree with this policy, you shall uninstall the application from your devices.
What it is: the PwdCrypter App is a instrument born with the aim of simplify the password management. With PwdCrypter you are able to access to all your passwords knowing only the login password (master password).
Master password: the first time you launch the App, it will ask you to create the master password. The password that you will insert, it will be registered locally and only on your device. So, this password is strictly personal and it will be saved nowhere. For the next access to the application, you shall remember the master password that you have choose during the first run. Anyway, you will be able to change this anytime using the feature Change Login.
Password registration: the passwords can be collected using the feature Add Password. As happens for the master password, all the passwords and the data linked to that (such as the e-mail, the username, the description, the security question, the answer of the security question, additional notes, the setting for the login form etc...) are saved locally on your device and/or on your Cloud storage (through the Cloud feature).
Password management: the passwords registered with the application can be cancelled or modified using the feature Password Management.
Cloud feature: the App can save the passwords list in the Cloud.
This feature is optional and it can be enabled by the user carring out the login on the OneDrive or Google Drive account, through the specific command in the PwdCrypter App.
The App does not register the Cloud credentials of the user, even it will access to files and folders outside the path reserved to the application.
With the "Remember me" feature will be saved an "access token", a short-lived item, in order to allowe the user to access to the Cloud without type again username and password.
At the first use, the App will create the path /App/PwdCrypter/ on your OneDrive space or the folder PwdCrypter on your main drive in Google Drive, in which it will be saved the file of the passwords list, the attachments and the configuration files.
N.B.: the implementation of the Cloud feature provided by the Google Drive service is available from the 2.0.0 version of the App.
Push notification: starting from the version 2.0.7 the App can receive push notifications.
The purpose of this feature is to send news about PwdCrypter to the users.
The capability to receive the push notification also depends on the device settings for the App.
In order to allow the comunication, the App open a comunication channel using the push notification service provided by OneSignal and, for the Android platform, using also the services provided by Firebase.
For information about the data gathered from Firebase, read the Privacy and Security in Firebase page, with particularly attention to the section "Cloud Messaging".
PwdCypter doesn't collect data related to the push notifications, with exception for the Windows 10 platform, where an identification value of the channel is saved to in an encrypted file. For this platform, the channel is opened using the WNS (Windows Notification Service) of Microsoft. This file is needed for optimize the push notification handling.
Use: during the use of the App, I reserve one's right to gather some data about your device. This data is gathered in anonimus form and it includes the Operative System, the number of sessions, the Country where you are, the version of the application and the signals of crash. This information is important for monitor and improve the application behavior and quickly act in order to resolve possible bugs.
Backup: the creation of backup copy of your password is charged to the user. The list of the password can be exported in file format using the feature; Transfer. Also the transfer of the passwords from a device to another shall be manually done by importing the file exported before with the feature Transfer.
Since the version 2.1.0 a Backup feature is available in order to simplify this operation. That feature allows to export the list of passwords to an archive file in zip format. The generated file can be saved locally or in the Cloud.
In order to help the user to remember to periodically backup its passwords, since the version 2.1.0, it is available the reminder feature that periodically send a local push notification. In any way, it is charged to the user remember to backup the passwords, regardless of the reminder feature is enabled or not.
Check of passwords: since the version 2.1.0 is available the feature to check the passwords saved in the App. This feature doesn't use any third party services and it is restricted to only make a formal check of the passwords.
I refuse any responsibility about the analisys: the aim is help to identify the passwords too weak and/or evidence the potential risk to guess passwords by malicious actors.
The user is not obliged to act in case of troubles highlighted by that feature, however the user can choose to periodically check the passwords using a reminder feature.
Security: the file containing the passwords is encrypted. Anyway, it is not garanteed that the file is absolutely unbreakable. It is charged to the user protect and save the login password. In addition, as security mode, the application ask to retype the master password after some seconds of inactivity (security logout).
The duration of the session can be configured in the settings panel of the App (default time of 5 minutes).
Responsibility: I dismiss any responsibility for any loss or theft of password. I advice to make backup copies of your passwords on other media and periodically change your master password.
I also dismiss any responsibility about the consequences of (local and not) push notifications not received.
Support and user guide: at the following link https://3dcrypter.it/PwdCrypter/ is available the user guide of the software. In the same page you can report bugs and ask support.
Contacts: for any question or doubts refer to the following e-mail address firstname.lastname@example.org .