FlexWallet has a maximum of 168 bit encryption, I believe. Just how safe is that? Would somebody be able to crack that? Does different method of encryption change anything? Ex: RC2 128 bit as opposed to RC5 128 bit or 3DES 168 bit.

Hi,

We sell a wallet of this type (Ilium Software's eWallet) as well so I'm happy to reply.

Consider this. In a contest to crack 64-bit encryption here is how it was done:

331,252 people were able to accomplish by joining together and working for nearly five years.

This was a distributred computing project and it should drive home just how secure your data is. Unless a few hundred thousand people have a lot of time to blow odds are no one is getting to your information.

A few common sense things to consider of course are:

1: You've chosen a good password that can't be easily guessed
2: You've used all the available security options (eWallet can lock a wallet after a timeout, prevents multiple guess attempts, etc.)
3: You've set all categories to password protected
4: The wallet program you choose does NOT store the password in a readable format in the file (eWallet does not store the password in a readble format)

Hope this helps!

Marc Tassin
Ilium Software
--------------------
[email protected]
+1 (734) 973-9388
---------------------
http://www.iliumsoft.com

I don't mean to knock eWallet, or any other digital wallet out there. I use one and it's very useful.

This is more in response to your 64-bit encryption comment. Yes, it would take a great effort to crack the it. But even with a million bit encryption, the weakest link is the front door. I only have a 4 digit password on my Digital Wallet which gives a 1 in 10,000 chance of someone guessing my password. Now it wouldn't take someone very long (relatively speaking) to crack that. Just copy the wallet file and then somehow automate entering the password from 0000 to 9999 and eventually you'll get it. Now not everyone is going to go to that much effort unless they had a REALLY good reason to do so. And if they really wanted your info, they would find a way.

I just wanted that one extra security layer there just in case my PPC gets stolen or lost. If someone were to find it, my account info, username, passwords would at least be hidden. But follow Marc's suggestions and that will get you better security.

Before I got my digi-wallet, I just had everything stored in with my regular contacts. Zero security. Now I feel a little more confident. My PPC can always be replaced (or upgraded :D ) if lost. But having to call all my creditors and have them cancel all my accounts is just a HUGE pain. I've had to do it before when my regular wallet got stolen.

But all in all, digital wallets are a great piece of software. I would highly suggest one. It's one of those bits of software that Microsoft should have included as standard in the OS.

Robb

I only have a 4 digit password on my Digital Wallet


8O

Jiminny! Why only 4 digits???

Of course, someone finding your wallet would have to presume that you've only used a 4 digit password.

I use FlexWallet (got it for $4.95 when they had a special :wink: ). While they're limited to a numeric keypad for the password, my number is 13 digits long! It's a composite of segments of numbers that are memorable to me, so I don't really remember the 13 digits per se, I remember the segments. Yeah, it takes a few seconds to tap out 13 digits, but I feel pretty good about no one guessing my password! :)

8O

Jiminny! Why only 4 digits???

Of course, someone finding your wallet would have to presume that you've only used a 4 digit password.

For ease of use. I'm a big advocate of simplicity. If you can't whip out your PPC and pull up some info in less than 5 seconds, then it's too complex. I figure the chance of anyone guessing my 4 digit password on the first few guesses is realistically just about as likely as someone guessing a 20 character letter/numer/symbol password. Yes, the statistical odds are different, but I guess it's like when they "improve" the lottery. Instead of a 2,865,275,124 to 1 chance of winning, you now have a 1,783,964,364 to 1 chance of winning. Now really people. :roll:

It's either, they know my password, or they get locked out after several guesses.

Robb

I only have a 4 digit password on my Digital Wallet which gives a 1 in 10,000 chance of someone guessing my password.

8O I consider anything less than a 10 digit alpha-numeric password a little weak.

I use Ilium eWallet 2.0.3 with a 128-bit key and a strong password. I doubt that a typical street thief would have the intelligence, fortitude, or resources to crack it. So unless the NSA comes under the impression that I’m a threat to national security and believes having my pwd to Fictionwise and banking accounts will save the county from terrorist attacks, I think my data is pretty safe.

Well thats safe enough for me. I didnt think cracking it was THIS hard. I use an 8 digit numerical password. I'm evaluating FlexWallet right now, but I will deffinitely check out eWallet and CodeWallet.

Thanks for the info.

I use eWallet and have been using it for a long time now. I never leave home without it, why because as I go from client to client all important information is stored there, login, passwords, back doors etc.. GET it, use it and you will love it.