<div class='os_post_top_link'><a href='http://www.ebwfoto.com/c4free/swise.html' target='_blank'>http://www.ebwfoto.com/c4free/swise.html</a><br /><br /></div>"There are many applications that protect access to PDAs, but almost all of them use passwords or PINs to authenticate the user to his or her device. SignWise uses personal hand-written signature to authenticate. Signatures are much more secure than passwords or PINs in that they cannot be lost, forgotten, or shoulder-surfed, and are extremely difficult to forge."<br /><br /><img src="http://www.pocketpcthoughts.com/images/web/2003/parekh-20040202-SignWise.gif" /><br /><br />Looks interesting -- has anyone tried it?

I'm not sure this is such a good idea. I mean, when I sign on those computerized pads for credit card purchases, my signature looks really wonky. What if your digitizer gets messed up?

Looks cool, but is their a failsafe of a password in the event for some reason it won't recognize your sig?

I'm not sure this is such a good idea. I mean, when I sign on those computerized pads for credit card purchases, my signature looks really wonky. What if your digitizer gets messed up?

My signature is pretty crappy on those credit card machines too, but I think your handheld might have higher resolution or something? I guess the test would be to sign your name on the hand held in Word or something else that would just capture it as a drawing.

It doesn't have to recognize it, meaning convert it to text, because it analyzes the pattern. If you could consistantly sign your name the same way on your hand held, chances are it would work pretty well.

If you have an intensive program running when you turn it off (ie a game or something) the security will kick in, and when you turn it on, the digitizer will update very slowly in some instances, which may make it impossible to sign correctly, that could be a problem for some people.

I don't know about this specific program, but I've used these before, and I was able to forge the signature quite a bit, just by looking at it. Other than those, looks like a cool product, and even has a calendar/clock on the screen, a nice feature.

I remember reading a horror story about this software in the microsoft.public.pocketpc newsgroup. Somebody installed the time-limited demo, let the time run out on the demo, and then could no longer enter their pocketpc because the software would only show the expiration screen and the only option was entering a registration number. Since Signwise runs at startup, that left this person with three options...

1. buy the software (love a forced purchase don't you?)
2. hard-reset
3. travel back in time and uninstall the demo before it expires.

#3 might not be as cost-effective

This is similar to CIC's Sign-On for PalmOS that I used 2 years ago. Its good but gets all deary after a while having to sign in every time i need to unlock. However I stop using it because I never change my signature. What's to stop someone from searching the rubbish for my signature?

Having said that signature is still better than fingerprint scanning which is basically unchangeable. Fingerprints can be copied: http://www.itu.int/itudoc/itu-t/workshop/security/present/s5p4.pdf

I think pin numbers are safer as people change them more often.

Incidentally there was a version of Sign-On for PPC.

This is similar to CIC's Sign-On for PalmOS that I used 2 years ago. Its good but gets all deary after a while having to sign in every time i need to unlock. However I stop using it because I never change my signature. What's to stop someone from searching the rubbish for my signature?

I posted this on Geekzone exactly for this reason... I've used the CIC Sign-on for Palm OS years ago :lol:

I remember reading a horror story about this software in the microsoft.public.pocketpc newsgroup. Somebody installed the time-limited demo, let the time run out on the demo, and then could no longer enter their pocketpc because the software would only show the expiration screen and the only option was entering a registration number. Since Signwise runs at startup, that left this person with three options...

1. buy the software (love a forced purchase don't you?)
2. hard-reset
3. travel back in time and uninstall the demo before it expires.

#3 might not be as cost-effective

I would be very suprised if the SW manufacturer didn't have a resolution to this problem. (maybe a temp code that you can input that allows you to log on and remove the app)

Then again, I can usually tell within a few days if I am going to purchase an app. The person must have liked it if they actually went through the entire demo period.

Steve

I've tried it, but my signature is too different each time I write it. I got a message when I calibrated it (by writing my signature three times) saying that it wouldn't be able to recognize my signature accuratly. Too bad, seems like a nice piece of software.

I can do my signature 30 times in a row, and it'll be different every time. This app won't work for people like me (or prismejon).

This software would be bad news for me. My sig is different every time.

It worked fine for me, usually it recognized my handwriting on the first try, even though it looks different every time I sign. It measures things like the curviture of certain letters and spacing and things like that, so even though your signature may look different, your style of handwriting is always constant. I'd give it a try before dissmissing it as useless; it's an interesting program. If they could tweak the UI to be more futuristic, more flashy, I'd buy it.

My signature changes repeatedly and it has caused me problems in the past. I had to fill out a 30 page form with a well known government agency in the UK. The beaurcrat who reviewed it denied my application because he claimed the signature on the first page was not the same on the 30th page...

I don't know about the whole signing part, but the start-up screen itself is the best designed one I've seen. Wonder they have an option to use a numeric PIN instead... :lol:

Okay, I think I'll give this software a miss. I just came across this thread (http://www.pdacorps.com/forum/forum_posts.asp?TID=378) on PDACorps.com where Ben, the site owner, recounted his experiences of the earlier versions over a period of several weeks.

PPC start-up software is a scary enough concept without this kind of debacle.

I agree - it's a miss. I installed the trial version, and while I REALLY like the UI, I can't use it. My signature apparently doesn't have enough "data points" to build the algorithm. It seems to be based on how many times you lift and lower your pen when you sign your name. Since mine is basically one long squiggle, it wouldn't work.

I tested VisKeyCE for a while, back about the beginning of 2001. Worked great, until I forgot one or two of the tap points on a complex JPG I was using for a password backdrop. It works by training it with a series of taps on whatever image one likes, as many times as one likes. That's the password. I got locked out. Hard resets suck, especially back then, before I used Sprite:Lite, the early version of Sprite Backup. Nasty business. I don't use a password generally anyway, preferring to just keep my PPC under my control at all times.

So as for this signature thing; it scares me. My signature radically changes from one time to the next, sometimes appearing to have just 2 or 3 letters, other times looking almost like language. he number of dots and stuff changes too. I suppose if one too an average of 1000 of these little scrawls a pattern might emerge, but that's not very useful as a password. Maybe this thing could be rewritten to take at least an average of 5, in cases like mine? Nah, that'd take ages just to be able to use it. I like instant-on, and passwords prevent that.

I agree - it's a miss. I installed the trial version, and while I REALLY like the UI, I can't use it. My signature apparently doesn't have enough "data points" to build the algorithm. It seems to be based on how many times you lift and lower your pen when you sign your name. Since mine is basically one long squiggle, it wouldn't work.



What i think people are not thinking about is... it doesent have to be YOUR signature... infact i think it would be harder to crack if your useing someone elses. lets say your name is David Ross, why use David Ross as the signature? use John Smith. Then even if someone knew your name, and knew your handwriteing they still couldent get it.

Even better yet, dont use a name at all, just make dots and Lines in a way that you can remember, but that no one else could think of.

I agree - it's a miss. I installed the trial version, and while I REALLY like the UI, I can't use it. My signature apparently doesn't have enough "data points" to build the algorithm. It seems to be based on how many times you lift and lower your pen when you sign your name. Since mine is basically one long squiggle, it wouldn't work.
What i think people are not thinking about is... it doesent have to be YOUR signature... infact i think it would be harder to crack if your useing someone elses. lets say your name is David Ross, why use David Ross as the signature? use John Smith. Then even if someone knew your name, and knew your handwriteing they still couldent get it.

Even better yet, dont use a name at all, just make dots and Lines in a way that you can remember, but that no one else could think of.
I actually did something similar; I drew a cartoon character of mine (Luke the Slug - don't ask), and that worked just fine, even after several tries, with some variations. It was just a bit TOO complex for me to do every time I turned on my PPC.

I'm probably being too hard on the software, now that I think about it. I want it to be very easy and quick, but that would make the encryption pointless, sooo...not much use for me, personally. :|

I actually did something similar; I drew a cartoon character of mine (Luke the Slug - don't ask), and that worked just fine, even after several tries, with some variations. It was just a bit TOO complex for me to do every time I turned on my PPC.
One of the key points I took from Ben's experience on PDACorps was that he didn't even have to write his signature to get access to his PDA. He could write pretty much anything he liked and it would give a match. Not terribly secure...

I don't know about the whole signing part, but the start-up screen itself is the best designed one I've seen. Wonder they have an option to use a numeric PIN instead... :lol:

Transcreative make an application called Nicestart that should fit the bill for you. You can find it at Handango

Transcreative make an application called Nicestart that should fit the bill for you. You can find it at Handango
I checked out Nicestart a way back, but it did not allow me to initiate the password protection without turning my PPC off, which broke any ActiveSync connection. I like to be able to leave my desk/PC/PPC at any time, even in the middle of an install/backup/download.

I have since found StartUI (also available on Handango) which is skinnable and does allow me to secure my PPC whilst it's on. The developers are also infinitely more responsive than Transcreative or Carrot4Free :D

Thanks for the tip tho :)

I remember using a similar app a long time ago. I ended up giving it up mostly because it became annoying to sign every time I wanted it. But I recall it worked quite well. I think it was called Sign On, but I'm not sure. No idea where to find it though or if it's even still around.