Password Guardian (included in Cynorix Secure File Sharing)

  • Vast majority of hackings have a simple starting point when a hacker gains access to a victim’s password. The most effective remedy is to select a complex password, however, a complex password is also easy to forget. In addition, even complex passwords are stored on an external server responsible for authentication and is prone to hacking. To address this problem, Cynorix has invented a technique for password recovery which neither stores the password itself, nor any useful information about the password. In addition, the legitimate owner will be the only individual who can recover the password on his/her local computer.This technique can be easily combined with many on-line services relying on password for authentication and/or encryption key generation.
  • At the registration phase, client selects some questions and provides answers for them. Answers are used within client’s trusted device to build an encryption key, which will then encrypt client’s password on his/her trusted device. Encrypted password is saved on the server.
  • To recover the password, client needs to go through Cynorix authentication, and if successful, questions will be sent to client’s computer and will be displayed. Upon providing the answers, the encryption key is reconstructed, and the encrypted password is decrypted and displayed (all operations happen within client’s trusted device). Then, the password is erased. Neither the password, nor the answers to questions, ever leave client’s local device. Answers are erased immediately after encryption key is reconstructed.
  • Note: In Cynorix secure file sharing, client password is first mixed with a random number (called salt) which, unlike existing solutions, is not transmitted over the network, and changes for each encrypted file.