Auto encrypt/decrypt for S60

Discuss HanDBase running on S60 devices by Nokia, Samsung and others.

Auto encrypt/decrypt for S60

Postby benj » Sat Jun 20, 2009 2:11 pm

Are there plans to have auto encrypt/decrypt functionality for the s60 platform. It is a pain to have to but in 2 passwords each time I open a database. It would be nice if I could put in the password once and it would automatically encrypt/decrypt.

Why isn't encryption built into HandBase when a password is set?

Also, why can encryption passwords only be up to 7-8 characters?
benj
 
Posts: 9
Joined: Sat Jun 20, 2009 1:38 pm

Re: Auto encrypt/decrypt for S60

Postby dhaupert » Mon Jun 22, 2009 3:51 pm

benj wrote:Are there plans to have auto encrypt/decrypt functionality for the s60 platform. It is a pain to have to but in 2 passwords each time I open a database. It would be nice if I could put in the password once and it would automatically encrypt/decrypt.

Why isn't encryption built into HandBase when a password is set?

Also, why can encryption passwords only be up to 7-8 characters?


Thanks for writing. There is already a feature on the s60 version to 'auto encrypt on close'. Make sure you have that set. But from your description it sounds like you are using both the access password and encryption to accomplish the same purpose. If you are using encryption on your database and have fields marked for encryption, you don't need to set an access password to open the database. That feature (access control) is designed for the enterprise or the education setting, where there is one person designing a database and managing it, and many students or users who are using it. If you don't want them to access a certain function, you can lock it out.

You also mentioned that the password for encryption is limited to 8 characters, that is the limit for access control. Encryption allows for more characters. In actuality, testing this exposed a bug- it's supposed to stop you at 16 characters, but seems to be allowing more. Try to keep your encryption password under 16 characters, as it won't be decryptable on the desktop or other platforms if you use more!

Please let me know if there are other questions.
dhaupert
 
Posts: 4111
Joined: Tue May 26, 2009 11:51 am

Re: Auto encrypt/decrypt for S60

Postby benj » Mon Jun 22, 2009 11:05 pm

Dave, thanks for your quick reply.

Attached is a screen capture of the encrypt option. It only lets me enter 8 characters.

If I password protect a database, is it encrypted? I was using both password protection and encryption because I was under the impression that it's not encrypted unless I also encrypt it.

I checked "when decrypting data, remember passwork..." which works on the desktop. When I close the database on my phone (nokia E71X), it asks for a password to encrypt the data when I close the database. It also says "Password entered does not seem to match the last password" if I mistype the encryption password on the phone...which is good...but if I accidentally select OK then I wouldn't be able to access the database again if I put in the wrong password by accident. Also, if I just exit the database when it asks for the password for encryption, it just closes. Then again, do I now have an uncrypted database.

I used handbase extensively when I had a Palm phone. Now I want to use a database for passwords and want to make sure they are secure,

Thanks again, ben
Attachments
only 8 characters.JPG
only 8 characters.JPG (10.44 KiB) Viewed 1029 times
benj
 
Posts: 9
Joined: Sat Jun 20, 2009 1:38 pm

Re: Auto encrypt/decrypt for S60

Postby DavidDevaneyJr » Tue Jun 23, 2009 4:26 pm

benj wrote:Dave, thanks for your quick reply.

Attached is a screen capture of the encrypt option. It only lets me enter 8 characters.

If I password protect a database, is it encrypted? I was using both password protection and encryption because I was under the impression that it's not encrypted unless I also encrypt it.

I checked "when decrypting data, remember passwork..." which works on the desktop. When I close the database on my phone (nokia E71X), it asks for a password to encrypt the data when I close the database. It also says "Password entered does not seem to match the last password" if I mistype the encryption password on the phone...which is good...but if I accidentally select OK then I wouldn't be able to access the database again if I put in the wrong password by accident. Also, if I just exit the database when it asks for the password for encryption, it just closes. Then again, do I now have an uncrypted database.

I used handbase extensively when I had a Palm phone. Now I want to use a database for passwords and want to make sure they are secure,

Thanks again, ben


Hello,

I'll have to check with Dave Haupert regarding the 8 character limitation on the Desktop.

Regarding the S60 though. You are correct that if you enter a key different than what was entered before, say due to a typo, and press OK when it prompts you saying that it's not the same password, you won't be able to access your data if you don't know the correct password. That is one of the upsides, and sometimes downsides, to Encryption. If you press Cancel when prompted for an Encryption password it will NOT encrypt, or re-encrypt, the data. So your data would be left unencrypted and accessible if someone got hold of that database. So always be sure to enter an encryption password.

Regarding the "when decrypting data, remember password" option. That's not a database level setting it's a program level preference. So setting that on the desktop won't affect that setting on the S60 device. You'll need to get to the Open Database screen on the device, where you see your list of databases. Press the Options button and select Preferences. Then change the "Auto Encrypt on close:" option to Yes. That will enable the equivalent feature on the S60 device. Then when you open a database you'll be prompted for the Decryption password. Entering that will decrypt the data and display it. When you close the database it will automatically re-encrypt that data using that same password, like it does on the Desktop. So at that point you won't have to worry about mistyping the password and being prompted that it's different. You also won't have to worry about pressing Cancel when prompted for the password and having the data left unencrypted.

Regarding your original question. If you still have the Security Setting for Open Database set to Password Required you'll be prompted for that password first and then for the Decryption password. So as Dave suggested, change the Security Setting to Full Access and just leave the Encryption enabled so you are only prompted for a password once.

I hope this helps. I'll have Dave respond regarding the 8 character limit in the Desktop.
Regards,
David Devaney, Jr.
DavidDevaneyJr
 
Posts: 134
Joined: Tue May 19, 2009 11:01 pm
Location: Lake Worth, FL

Re: Auto encrypt/decrypt for S60

Postby benj » Sat Jun 27, 2009 1:08 am

I had another question buried in the last post.

If I password protect a database with a password needed to open it, is it encrypted? Password protecting seems a little "cleaner" than using the encryption feature since that is a database feature and you can't open a database with a bunch of XXXX like when a database is opened without being decrypted.
benj
 
Posts: 9
Joined: Sat Jun 20, 2009 1:38 pm

Re: Auto encrypt/decrypt for S60

Postby dhaupert » Sat Jun 27, 2009 10:08 am

benj wrote:I had another question buried in the last post.

If I password protect a database with a password needed to open it, is it encrypted? Password protecting seems a little "cleaner" than using the encryption feature since that is a database feature and you can't open a database with a bunch of XXXX like when a database is opened without being decrypted.


The password protection does not encrypt. That's what David and I were trying to explain above, but probably not doing a great job of it! The data is not protected in any way by the password feature. It just locks people from accessing a feature of the program from within the program. If someone stole your device and examined the files, all your data would be plain text and visible to them. If you're trying to protect your data, encryption is the best method- it means that if you don't know the password, there is no way for anyone to see the data. And the password is not stored within the database, its' only stored in your head (and where ever you may write it down elsewhere). Unlike the password feature, that has to store the password in the database so it can compare what is entered to what was set.

So for example, I use both passwords and encryption but never in the same database. In my Christmas Gift list database, for example, I use password protection. My family members are not computer hackers, so I don't worry about them examining the database, but don't want them opening the database and looking at what I'm buying them as gifts either ;)
My passwords database uses encryption because if I ever lose my device, I don't want anyone seeing all my private passwords.

Hope that makes more sense!
dhaupert
 
Posts: 4111
Joined: Tue May 26, 2009 11:51 am


Return to HanDBase for S60

Who is online

Users browsing this forum: No registered users and 0 guests