Guarded Key for Business/Government use
One-click sign in from all computers in your organization
You can setup Guarded Key for sign in from authorized computers to prevent lost USB key
being used outside of your organization to gain access to your online accounts.
Guarded Key is setup with User Id and Password which is considered an administrator or owner of the database and
which works on any computer. This credential should use the strongest password (at least 8 characters long).
Then you can add credential for a specific computer which is especially useful if you would like to enhance safety.
You can add upto 255 credentials with user+computer combination. Authorized user can view/edit list of computers
Note: Limitation of 255 credentials is selected for practical reasons, considering how much time it takes to sign in on today's computers.
It could be increased in the future if necessary.
Sharing Online Identities
Share access to company's online accounts (suppliers, government agencies, etc).
Guarded Key can be setup to allow more users to access encrypted database.
Each user has his/her own user id and password.
Note: In this scenario all users have access to all accounts, so this option is only suitable for shared accounts. If you have private accounts
that you do not wish to share, you need two databases, one for shared accounts and your own personal Guarded Key database.
This is very easy to setup on a portable USB flash drive. See the example below.
Password distribution
Comercially available systems for password management and distribution are costly, require special hardware, complicated setup and maintenance.
Guarded Key on the other hand brings easy to use, absolutely secure and maintenance-free solution for your organization.
Considering that Guarded Key can be setup in 10 seconds, there is no competition on the market as of today.
Guarded Key provides among other features auto-generated password which allows absolutely secure password distribution.
Password is generated from building blocks by sophisticated algorithm using encryption, which guarantees that passwords are not predictable,
yet they can be re-generated from building blocks by a user who owns copy of the Guarded Key database and has valid credentials.
How it works? Person who creates a new account will define the following:
-
Provider
- usually domain, for example oursecureserver.com.
-
Id
- sign in id (full name, alias, email, employee id etc).
-
Variation
- used to alter password generation. Single character added or changed here,
completely changes resulting password string. It can be used to auto-generate new password in the future.
-
Use !@#$%^&*...
- punctuation marks are included with alphanumeric characters to create strong password.
It is used only if your website/server allows these characters to be used in password,
otherwise alphanumeric password is used.
-
Length
- password length can be set from 1 - 100 characters. Default value is 12.
This information can be transmitted without encryption as a plain text in email or via web site (or even radio/tv broadcast).
Receiver at the destination will sign into the Guarded Key database and enters these 5 elements.
Guarded Key then re-constructs correct password.
More about auto-generated password can be found
here.
Supervise Online Accounts
Managers! Have total control over important online accounts. Prevent changes in staff, illness,
maternity leave and other events from loss of access to important online resources.
In this case you can setup shared database where you add credentials for administrator or person who needs to be in control of online accounts and
you add credentials for every other employee who needs to use these online accounts.
Initialize Guarded Key database with user id and password for the administrator/supervisor which cannot be removed. Then add all other users.
Users will have to enter their password or administrator can choose password for them (based on organization's policy for Guarded Key application).
Teach employees how to use Guarded Key to sign in. Keep shared database synchronized and your company/organization will always have access and
control over these important online identities. Guarded Key can be stored on a network share in which case all changes to online accounts are upto date and
easily available. When using USB flash drive, employee needs to copy the database from USB to this network share after adding new online identities or
changing passwords. If employee loses USB key, no big deal. Nobody can decrypt the database and copy of the database is available on the network share or
in archive of your organization.
Example:
Guarded Key created for 2 employees and supervisor/manager on a portable USB flash drive
Guarded Key application can be renamed. In this example we use name of the department and employee Id as the name of the application and database.
Employee Id
|
Title
|
User Id
|
100365
|
Purchase Executive/Manager
|
user1
|
100488
|
Purchasing Agent
|
user2
|
100251
|
Accounts Payable Representative
|
user3
|
Solution 1:
F:\Private\Purchase_100488.edb (private encrypted database)
F:\Private\Purchase_100488.exe (application executable)
F:\Private\Purchase_100251.edb (private encrypted database)
F:\Private\Purchase_100251.exe (application executable)
(supervisor/manager is added into both databases)
Solution 2:
F:\Shared\Purchase.edb (shared encrypted database)
F:\Shared\Purchase.exe (application executable)
(all 3 employees share one database)
Copyright (C) 2011-2016 Robert Janik, Brno, Czech Republic
|