Some software products in the PIM category may allow encrypting the database at the end of the day when exiting the program. This requires opening the database before accessing it and leaving it open and vulnerable as long as it is used.
In AbsolutePrivacy, all information is permanently stored in encrypted form on the hard disk. There is no need to decrypt a complete database file before opening it.
By decrypting only one record at a time in volatile memory before displaying it on the screen (see below: Single Record Encryption), fool-proof data security is provided because encryption is executed continuously and reliably in the background, without the user ever having to care about it or having to remember encrypting the file after closure.
Single Record Encryption/Decryption
Every single piece of information (record) is encrypted with one out of tenthousands of passwords (see next paragraph). When reading a specific record (e.g. an address), it is copied to the volatile memory (RAM) where it is decrypted before being displayed on the screen. On the harddisk it remains stored in encrypted form. The plain (decrypted) information is NEVER EVER stored on the harddisk or any other storage device, not even partially. If the record is modified, it passes the encryption filter before being written back to the harddisk. Nobody will ever be able to hack or to decipher any info by analyzing the harddisk, not even with the most sophisticated methods available.
Thousands of Encryption Keys (Passwords)
While the database is opened with one main passphrase (the Master Passphrase), internally, tens of thousands encryption keys (composed of random characters) are created with a special algorithm and used to encrypt every piece of information individually. The likelihood of the same key being used more than once in 50000 records is almost nil. In other words, in an average sized database, all records are encrypted with different, individual keys.
Highly secure Encryption Algorithms
The 128 – 256 bit encryption algorithms are similar to those used by the military and are among the most secure. It has been calculated that the 128 bit encryption algorithms are so strong that it would take a network of supercomputers significantly longer than the age of the universe to crack the code (millions of years), not to speak of 192 and 256 bit encryption, used extensively in the program, too. Since every record is encrypted with an individual password, in the utopical event of someone succeeding to break the code, only the information contained in 1 single record would be uncovered.
Auto-Shutoff / Auto-Block Data Access
If you activate this function, the program will be closed automatically after a customizable period of 1-15 minutes of inactivity. This prevents you from inadvertently forgetting to close your database when leaving your workstation.
Alternatively, you can opt for not closing the program, but to only hide the data you marked as private or to close the active section (e.g. the Calendar or the Diary) when the program has been idle for some time.
Hide Private Records
This function provides an additional level of security: records flagged as private can be hidden when someone else (e.g. your secretary) is allowed to use the application.
Time-Limited Clipboard Content
Many times, information retrieved in the organizer has to be copied to other applications with the copy-and-paste technique. There is risk that sensitive data (e.g. passwords) remain inadvertently in the clipboard for long time, even after closing the organizer. In order to avoid this security gap, content copied to the clipboard is kept there only for 30 seconds, normally sufficient to be used in other applications. AbsolutePrivacy clears the clipboard memory also when exiting the program.
Optional PIN (secondary passphrase) to access applications
When used by more than one person, the administrator/owner of the database file can protect single sections (like the budget or the diary section) additionally by defining a PIN code or, conversely, give another person (e.g. the secretary) exclusive access to a specific section. In combination with the “Hide Private Records”-function, the PIN enables for instance the secretary to use the budget and the address/contact section, without being able to see the private records. No other person trying to gain information will manage to open any of the PIN-protected sections.
Minimum passphrase length: 8 characters. The more characters, the lower the risk of cracking the passphrase (8 characters reflecting the available keys of the keyboard would theoretically require a mean of 92^92/2 attempts to open the database; therefore, it is important to use a relatively difficult to guess passphrase, the longer the better, preferably containing non-alfanumeric keys)
Forced delay between passphrase inputs: 2 seconds (this makes it virtually impossible for automatized brute-force attacks to open the database)
Maximum number of retries: after 3 wrong passphrase inputs, the application is closed. Reopening the program takes some time, which is an additional protection against brute-force attacks.