Secret Safe, Version 3.5.1

Help

Basic Usage Hints:

Master Password

The master password is your central key to secure all entries stored in the safe. Despite the fact, that the app requests only a minimal length of 6 characters for the master password, it is highly recommended to use longer passwords (10 or more). If you want to use character based passwords, instead of using the phone keyboard, click in the input field, to open the soft keyboard. A basic set of characters can be entered also using "long-click" on the numeric buttons. Use the "ENTER" key to finalize your input.
Keep the chosen master password safe. If you cannot remember your password, all data is lost, when you have not exported a backup of your data.

In case you cannot remember your password, but have a backup, it depends on the setting Unlock behaviour, what you have to do:

Add and Edit Entries

Please note when adding or editing entries, you have to save changes using the button "Save". If you leave the input screen using the hardware button "Back", the changes are not saved!

In all multiline text fields of entries with the type Note and PIN Code and in the URL field of the type User name / password you may enter hyperlinks, which can be clicked in the display screen of the entry. If you enter e.g. http://www.google.com and click on this link in the display screen, your Android browser will be started and open the Google web page. In the information field for PIN codes, you may also enter clickable phone numbers, e.g. +1-800-528-4800.

Display of Entries

From the display screen for entries of the type User name / password you may copy the user name or the password to the clipboard of the Android phone. If you have also stored an hyperlink of the login page, you can log-in very easily with only a couple of clicks. Note: For security reasons all data copied to the clipboard by Secret Safe is deleted from clipboard after 30 seconds.

Change the Master Password

To change the master password, you have to key in the old password first.

Backup

All entered entries are stored in the local Sqlite database of your Android phone. Secret Safe offers two possibilities to backup and restore all database entries. For both possibilities, the entries are exported as CSV values. CSV means "Comma Separated Values" and is a simple text format, which you can display with a text editor and also with Microsoft Excel or Open Office at a PC. For every entry one line with values in double-quotes and separated by commas is exported. Example:

"note","Wish list","Wish 1\nWish 2\nWish 3"
"up", "Google account","example-name","example-password","https://www.google.com/accounts/Login"
"pin","AMEX card","2345","","Number: 0123 3456 7890 1234"
"contact","John Doe","epr","john.doe@yahoo.com"
"link","Search Google for Android File Encryption","http://www.google.com/m/search?q=android+file+encryption"

Please note, that the CSV data is exported using the UTF-8 character set of Android and that the first value of each line must be either "up" (User name / password), "pin" (PIN code), "note" (Note), "link" (bookmark) or "contact" (contact). Hint: The easiest way to create an initial CSV import file is to start with an export of the sample content and then modify the content. A formal documentation can be found at http://www.giraone.com/help/SecretSafe/SecretSafeCSV.html.

The two possibilities offered for performing the backup differ in the way, how the data is exported:

Restore

To restore your entries from a backup file, select it using the appropriate restore button. Please note, that since version 3.3 the restore function checks whether an entry is already in the database using its title, type and category.

Note: Both versions "Secret Safe" and "Secret Safe Lite" can use the same default backup folder. This offers the possibility to migrate from "Secret Safe Lite" to "Secret Safe" by restoring a backup of the lite version into the full version.

Synchronize or copy data between two devices/phones

Clipboard

Be careful when using the app's feature to copy passwords to the clipboard. Other apps can access this data! There might be even apps, that have registered themselves to automatically get this data. This is a general security problem on Android devices. If you use the feature, please wait till the message that the clipboard has been deleted has appeared before leaving the app. On the first use also check, whether the text in the clipboard on your device is really deleted. There are many vendor specific clipboard implementations, where the delete operation is not working properly. A serious problem exists on Samsung Galaxy devices: unfortunately Samsung has added a proprietary clipboard "history" feature, capable of storing up to 20 "historical" entries, which cannot be deleted by a programming interface only by the user itself. Therefore we recommend that you do not copy any passwords to the Samsung clipboard at all!

With version 3.1.0 an experimental setting was added to Secret Safe that tries to overwrite all 20 clipboard history entries. Because Samsung's clipboard history is filtering equal entries, the numbers 1 to 20 are written to the clipboard! We cannot guarantee, that this feature is working on all Samsung devices and versions, but we would appreciate any comments on the features.

Revelation mode

For situations where you are forced to reveal your master password, you can define a second password in the app's settings. If you have defined such a password, you can log in with this password and all operations are made on a second "fake" database. It is up to you to define the content of this database as realistic as possible.
There is one small indicator how you can check, whether you are in the "revelation mode": the title of the list screen will display square brackets [] instead of parentheses () for the number of entries. You will also notice that the setting for "revelation mode" itself and this help text is not displayed.
Important:

Exit

The EXIT menu of Secret Safe finishes the app completely. This behaviour can be changed using a setting, but it is recommended to keep the default. It prevents malware from having the possibility to use memory dumps or memory debugging, after Secret Safe was used.

Inactivity

If the app was put into the background for more than 2 minutes, the start screen will be displayed, when the app is resumed. This means you have to enter the master password to unlock the safe.

Password generator

The password generator is available for the type "User name / password". The generated passwords are 8, 12 or 16 characters long and can be combined from:

Different combinations can be chosen. When using certain combinations, some characters are suppressed, e.g. the digit 0 and the uppercase letter O or the lowercase letter l (L) and the uppercase letter I.

Credits and Copyright

This app uses Open Source from the following projects:

Special thanks to Andrey Kharitonov for the russian translation.

Features

If you have suggestions to improve the app, please mail your opinion to secretsafe@giraone.com.

Online Version of this manual

http://www.giraone.com/help/SecretSafe/help.html

Liability

The supplier of this software will not be liable to you for any damage or loss of data. Please use the backup functionality of this app continuously and carefully.


Copyright giraone.com