Security notes
- The Lite version uses XOR encryption, which is significantly weaker than the Triple DES encryption of the full version.
- Single DES encryption has an effective key length of 56 bits. In 2008, it took approximately 24 hours to crack DES using a $10,000 custom built machine.
- The full version of Password Pad uses Triple DES, which has an effective key length of 112 bits. Each additional bit doubles the amount of time required to brute-force crack the password. The same $10,000 machine would require approximately 197 trillion years to crack a Triple DES encrypted text.
- Triple DES security is used by the electronic payment industry to secure your credit card and ATM transactions.
- It is likely that the most effective way to crack an encrypted text in Password Pad is a dictionary search. Your data is only as secure as the password you choose.
- Both versions convert the input password into a cryptographically secure key with PBKDF2 using 10000 rounds of iteration.
- Don't lose your password, it will be next to impossible to recover your text!
