C'YaPass: Forget All Your Passwords

Never Memorize A Password Again
Never Type A Password Again
Never Make Up A Password Again

How Is C'YaPass Different Than Other Password Managers?

It's time to start using something to manage your passwords.  However, the apps out there are all the same.  They save your password somewhere -- either in their database at their web site or in a file you have to manage.

Below is a list of ways C'YaPass is different along with a list links to other password managers.  No matter which password manager you choose -- even if you don't decide to us C'YaPass -- you really should start using one today.  There are too many passwords for us humans to manage strong ones for all our accounts and web sites.  Let the computer help you.

How is C'YaPass different than other password managers?

  1.  C'YaPass never stores your password anywhere.  Other password managers store your passwords at their site or in a file you manage.  C'YaPass generates your password from the pattern you draw and the site key you choose each time you run the app.  It does not store your password anywhere.  I know that sounds like magic.  You can read more about it and see screenshots here^.
  2. C'YaPass is always free.  Other password managers charge you a fee.  Here's a list of other password solutions with links and prices:
    1. KeePassX^ is also free, however it requires you to manage an encrypted file of all your passwords.  You have to sync the file across devices and I have a friend whose only file was corrupted and he could not recover his passwords.  It's also not very user-friendly for non-tech users.
    2. Dashlane^ is $39.99 a year.  
    3. LastPass Premium^ is $24/ yr  Yes, there is free versions of LastPass and many of these apps but the free versions don't allow you to sync your passwords across devices.  (Also, LastPass was hacked^.)
    4. Keeper Password Manager^ is $29.99 / yr 
    5. Password Boss Premium^ is $29.99 /yr
    6. AgileBits 1Password 6^ is $35.88 /yr
    7. Sticky Password^  $29.99 /yr
    8. RoboForm 8^ $19.99 /yr
    9. True Key (Intel)^ $19.99 /yr (for unlimited passwords) Is an interesting option that lets you sign on on compatible devices using your face or fingerprint.  Their promise is no more passwords. However, the free option is only available if you have 15 or fewer passwords.  Once you start using this you'll find that you most likely have upwards of 40 or more.  That's why passwords are so ridiculous.  We have far too many of them.
  3. You can use C'YaPass without signing up to any service. Just download the app for your platform (Android, iOS, Windows) and go.  Many of these services require you to sign up for an account on their site.  With C'YaPass you manage how you use the app.
Watch this video which shows how you C'YaPass in action across devices (shown on iPhone and Windows, but it is the same on Android).

Try It In Your Browser, Get the App Free

You can try it in your browser, here, on this site at: http://cyapass.com/page/CYaPass-Web-App^
Once you try it in your browser and see how easy it is you'll want to get the Android, iOS and Windows versions for free.  
Here's where you can get the iPhone/iPad, Android and Windows versions.
iOS / iPhone / iPad

The iOS (iPhone / iPad) version is available for the first time today (12.08.2016) in the App Store at:

https://itunes.apple.com/us/app/cyapass/id1183137527?mt=8^

Android

You can also get the Android version in the Google Play store at:

https://play.google.com/store/apps/details?id=us.raddev.cyapass^

Windows 

You can get the Windows version here at this site (just click the Get C'YaPass menu or follow this link: http://cyapass.com/page/get-c-yapass^

Top Security Experts: Your Passwords Are Weak

Here's a compilation of top security experts explaining why your passwords are weak, how easily they can be cracked and how quickly your accounts will be compromised.

Ars Technica Contest: Winner Cracks 90%

Ars Technica set up a contest to hack passwords.  The winner was able to crack 90% of them and the hacker who won second place was able to get 62% of them (out of a total of 16,000 passwords).  Read all the details of how they did it at: http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/^

XKCD : CorrectHorseBatteryStaple Is Weak

Many people know about the XKCD method popularized by the comic : http://xkcd.com/936/^

Maybe you think these long passwords are uncrackable.   They're not any more.  

Don't Base Passwords On Any Natural Language Words

Your password has to be more random, because computing power allows huge dictionaries to be tried in all manner of combination and are able to crack passwords based upon words.

C'YaPass Generates Random Hashes With No Words

C'YaPass passwords are only letters and numbers and contain no words.  They are simply the SHA256 hash which is cryptographically strong -- you can't just try to guess them with brute force methods.  Brute force methods would take more time than there has been since the beginning of time.

Bruce Schneier, Top Security Professional, Explains How Passwords Are Cracked


He even created a method that insures you don't use any natural language words since the crackers are adding commonly found phrases to their dictionaries.  
Under his method for creating strong passwords you
  1. Choose a passphrase (sentence you'll remember)
  2. Convert it into a password by choosing first letter of each word
  3. Alter some chars with uppercase
  4. maybe add in a special character here and there
His example looks like:
"This little piggy went to market" might become "tlpWENT2m"

Overwhelming : Creating One of Those For Every Site

I think creating one of those for every site is extremely overwhelming though.  Passwords debt is a huge technical problem.  

This video is really funny because we've all been through these things with passwords.


Every Site Has Suggestions For Creating Passwords

Kim Komando : Radio Technology Expert

Here are Kim's suggestions for creating strong passwords:

Basically, the same advice that Bruce Schneier gives.

Microsoft: How To Create A Strong Password

Microsoft chimes in on what to do:
One of the five rules they provide is:
"Doesn't contain a complete word."

PNC Bank Provides Customers With Ideas For Strong Passwords


The PNC site refers to one of the online password generators which you can use to generate your password.

Strong Password Generator


Here are some sample passwords that the generator will create for you:
  • ecNt/KsDaSUXo9J
  • bzeP6cc[k_9pnJk
  • ^>/7P-k{(A 1@;o
But, how are you going to remember those?
You'll probably have to save them in a text file or write them down somewhere.

Also, you could create passwords like that by simple mashing on your keyboard so I'm not sure how much added value this provides.
Even the GeekSquad gets in on describing how to create strong passwords.

GeekSquad (BestBuy) : Creating Strong Passwords


All of this is absolutely overwhelming and 95% of people who are online are never going to examine how to create a strong password.

Contradictory Information

There's also a lot of information that contradicts each other out there.  For example, this lifehacks article says that password generators re-use passwords and you should probably stay away from them.

You Must Create Strong Passwords

Whatever method you choose, you must create stronger passwords.
Obviously I believe the best way is to get C'YaPass for free and start drawing your passwords.  

With C'YaPass you'll:


  • never memorize a password again
  • never type a password again
  • never make up a password again

It's Free: Try It Now

Browser Version Is HTML5 Canvas

The browser version does not require installation of anything.  It does not use Flash.  It runs in your browser via HTML5 Canvas.
Try it in your browser, right now.  Just click this link and it'll open in a new tab/window: http://cyapass.com/page/CYaPass-Web-App^

Try the Browser Version, Get the App Free

Once you try it in your browser and see how easy it is you'll want to get the Android, iOS and Windows versions for free.  
Here's where you can get the iPhone/iPad, Android and Windows versions.
iOS / iPhone / iPad

The iOS (iPhone / iPad) version is available for the first time today (12.08.2016) in the App Store at:

https://itunes.apple.com/us/app/cyapass/id1183137527?mt=8^

Android

You can also get the Android version in the Google Play store at:

https://play.google.com/store/apps/details?id=us.raddev.cyapass^

Windows 

You can get the Windows version here at this site (just click the Get C'YaPass menu or follow this link: http://cyapass.com/page/get-c-yapass^

Users Don't Want Apps, They Want Magic

Security is boring.  Absolutely mind numbing.  Passwords are the most boring of all.  

No one wants to think about creating and managing passwords.  Users want apps to magically solve their problems.

Automatic Grocery List?

Wouldn't an automatic grocery list be cool?  Some app where every time you need ketchup or a jar of pickles and you don't want to forget you simply just say the item and it's added to a list. That would be great.  I have Google Home and it will help you do that.  That's almost magic.

Users don't want a solution, they just want some magic.  Wave a magic wand and make things easy.

Passwords : The Price We Have To Pay

The problem is that passwords are a part of the price we have pay to use the Internet.  Maybe someday the major companies will group together to destroy all passwords.  Maybe.  For now we have to deal with passwords.  That means you need to make a plan and actively manage them.  

Once You're Hacked, Everything Changes

If you get hacked, there will be no magic.  No hero on a white horse will come riding out of the sunrise to fix all your accounts.  And, the bank may even decide not to refund your stolen money.

That's what happened to Kristina Markula of San Francisco when hackers made Cardless ATM withdrawals against her Chase account.  Read all about it at : https://krebsonsecurity.com/2017/01/stolen-passwords-fuel-cardless-atm-fraud/^

C'YaPass Generates Strong Passwords

This is why I think you should try C'YaPass as soon as possible. This is why I make it available free for your use.  

C'YaPass Magic

I've tried to make it magic by allowing you to draw your password.  That's right you can draw your password so that you: 

  1. never have to memorize a password again.
  2. never have to type a password again.
  3. never have to make up a password again.
That's almost like magic.  

Try It For One Account, Then More

At least try it from the web for one of your accounts and see that it creates extremely long and strong passwords and then you can try it for more accounts as you like.

It's easy to try and free to use.  An ounce of prevention is worth tons of cure in the case of security.

Browser Version Is HTML5 Canvas

The browser version does not require installation of anything.  It does not use Flash.  It runs in your browser via HTML5 Canvas.
Try it in your browser, right now.  Just click this link and it'll open in a new tab/window: http://cyapass.com/page/CYaPass-Web-App^

Try the Browser Version, Get the App Free

Once you try it in your browser and see how easy it is you'll want to get the Android, iOS and Windows versions for free.  
Here's where you can get the iPhone/iPad, Android and Windows versions.
iOS / iPhone / iPad

The iOS (iPhone / iPad) version is available for the first time today (12.08.2016) in the App Store at:

https://itunes.apple.com/us/app/cyapass/id1183137527?mt=8^

Android

You can also get the Android version in the Google Play store at:

https://play.google.com/store/apps/details?id=us.raddev.cyapass^

Windows 

You can get the Windows version here at this site (just click the Get C'YaPass menu or follow this link: http://cyapass.com/page/get-c-yapass^

Note: Hat and wand image from https://openclipart.org/detail/132133/magic-hat-and-wand^

Passwords Are Everywhere, But So Is C'YaPass

Passwords are everywhere. We are drowning in passwords. You have too many of them to realistically and easily manage.   That's one of the main reasons people create weak passwords.  There are just too many.

C'YaPass Is Everywhere

That's why I've developed C'YaPass for use on every platform (Android, iOS, Windows and now you can even run it right in your browser from cyapass.com).

Make 2017 the year you stop creating and memorizing passwords and let C'YaPass do it for you.

Try it in your browser, right now.  Just click this link and it'll open in a new tab/window: http://cyapass.com/page/CYaPass-Web-App^

Browser Version Works In All Six Major Browsers

C'YaPass works in Microsoft Internet Explorer & Edge, Google Chrome, Mozilla Firefox, Apple Safari, Opera Software Opera.
There are no more excuses for not using strong passwords.  Try out the software in your browser right now, here at this web site.

Try It and Help Yourself Have Stronger Passwords

I hope you'll try it and help yourself with all your password management.
Remember, C'YaPass never transmits your passwords nor stores them anywhere.  It simply generates a strong password for your use.

Browser Version Is HTML5 Canvas

The browser version does not require installation of anything.  It does not use Flash.  It runs in your browser via HTML5 Canvas.

Try the Browser Version, Get the App Free

Once you try it in your browser and see how easy it is you'll want to get the Android, iOS and Windows versions for free.  
Here's where you can get the iPhone/iPad, Android and Windows versions.
iOS / iPhone / iPad

The iOS (iPhone / iPad) version is available for the first time today (12.08.2016) in the App Store at:

https://itunes.apple.com/us/app/cyapass/id1183137527?mt=8^

Android

You can also get the Android version in the Google Play store at:

https://play.google.com/store/apps/details?id=us.raddev.cyapass^

Windows 

You can get the Windows version here at this site (just click the Get C'YaPass menu or follow this link: http://cyapass.com/page/get-c-yapass^

Note: Image is from openclipart.org. See more details at: https://openclipart.org/detail/225506/Drowning-colored

Hey, Passwords, Leave Those Kids Alone (Gen Z aka Post-Millennials)

Generation Z (aka Post-Millennials) are not bothered by passwords at all.  They simply create one and use it everywhere.

In an earlier blog entry ( Why Did I Create C'YaPass? Who Will Use It?^ ) I told the story of my son's friend (a Gen Z'er) who explained that she uses the same password everywhere.  She admitted to being hacked and it was meaningless to her.  

Yesterday I was discussing C'YaPass usage tests with one of my angel investors who is also a teacher at a college prep school.   He said, 

I had one of my students try C'YaPass.  The student told me the software worked great and that he really liked it and thought it was easy to use.  

I was smiling and happy to hear that, but I could hear the hesitation in his voice and knew he was about to reveal a large but...

My friend continued : 

The student also said, "kids my age will never use that tool though, because we just enter some random characters and use the same password everywhere."

This may also answer the question that everyone has about how one billion Yahoo! accounts were hacked^.

I Understand The Sentiment

I understand the sentiment expressed by the student.  I have two children of my own who are GenZers and they basically feel the same way about passwords.  Of course, I've basically driven them crazy with all my talk about how their weak passwords will be hacked.  

There Are Many Reasons To Not Use C'YaPass

Here are some reasons that you may not want to use C'YaPass

  1. You will have to download the iPhone/iPad or Android app and install it.  You will also, most likely want to get the Windows version and install it.  That will probably take you 5 or 10 minutes.  Gen Z isn't interested in that.
  2. You will have to change passwords on your accounts to use the new strong passwords which are generated by C'YaPass.  That's work and a bother for a lot of people.
  3. You will have to change your thinking.  Where you normally type your passwords (often on a onscreen keyboard with your thumbs) you will now make sure C'YaPass is open and have it generate your password so you can paste it into the password box.
  4. Maybe you're afraid that C'YaPass stores your passwords or transmits them across the Internet?  It does neither of those things. It does not store your passwords anywhere and it transmits nothing across the Internet.

There Are A Few Great Reasons For Using C'YaPass

  1. You will never have to type a password again.  Instead you draw your pattern once and choose your site/key and your password is generated and copied into your device's clipboard.  From there, you simply paste it into the password box.  Very easy.
  2. You will never have to memorize a password again.  Instead, simply create your site/keys, draw your pattern and C'YaPass generates your password.  No memorization required.
  3. You will never have to make up a password again.  C'YaPass generates strong passswords for your unique pattern and each of your unique site/keys.  If you need a new password for a new site, just add the site/key and you'll have a new password.
  4. Your passwords will be far stronger than anything you can make up.

Convince Gen Z

Try everything you can to convince your Gen-Zers to use C'YaPass. It will help to keep them more safe and it really isn't too much more difficult than making up their own random password.

Get the app or try it in your browser


Try It In Your Browser


Here's where you can get the iPhone/iPad, Android and Windows versions.
iOS / iPhone / iPad

The iOS (iPhone / iPad) version is available for the first time today (12.08.2016) in the App Store at:

https://itunes.apple.com/us/app/cyapass/id1183137527?mt=8^

Android

You can also get the Android version in the Google Play store at:

https://play.google.com/store/apps/details?id=us.raddev.cyapass^

Windows 

You can get the Windows version here at this site (just click the Get C'YaPass menu or follow this link: http://cyapass.com/page/get-c-yapass^

One Billion Yahoo! Accounts Hacked: What Does It Mean?

The New York Times headline shouts, Yahoo Says 1 Billion User Accounts Were Hacked^, but what does that mean?

First of all this hack dates back to September, 2013, so there's no way to unscramble these eggs.  If the data in your Yahoo! account has been compromised I suppose you have to protect yourself from every angle now.  If you had documents that reveal more about your identity in there then the hackers may know a lot about you.

Yahoo! says that the following items were exposed:

  1. account telephone numbers
  2. encrypted passwords
  3. birth dates associated with account
  4. plaintext security questions 
Let's talk a bit about number two from that list, encrypted passwords.

Encrypted Passwords : MD5 Hash

The encrypted passwords as Yahoo! calls them are actually MD5 hashes of the account's password.  It is similar (but much older and proven in the past to be insecure) to SHA-256 hash.  Modern computing power makes it possible to hack many of these passwords in a short time through brute-force attacks.  I've written about brute-force attacks here and you can read more about it at: ( http://cyapass.com/post/how-hackers-crack-passwords-part-1 ) 

Making the Brute-Force Attack Impossible

However, even with the older MD5 hash technology being implemented, if your account password was not based upon natural language words (words you'd find in a dictionary) then your account will probably be safe. If your password for your Yahoo! account was one generated by C'YaPass for example (64 characters long and based upon random letters and numbers) it is close to impossible for hackers to crack it even with the older MD5 technology so you'd probably be safe.  

Don't Need To Be Faster Than the Tiger

The important thing is that you'd be more safe.  Your passwords just need to be stronger than all the other people's then you're safe.  You don't have to be faster than the tiger.  Just faster than the people you're running with.  :)

Yahoo! Does Something Smart, But Is It Too Late?

Of course, now Yahoo! finally reacts and does something useful.   They created Yahoo! Account Key (see more at: https://help.yahoo.com/kb/SLN25781.html^)

What Does Yahoo! Account Key Do?

This method allows you to sign on without using a password.  You simply set up a phone number that Yahoo! will send a notification to each time you attempt to sign on.  When you attempt to sign on to your Yahoo! account the message will popup on your phone and only if you acknowledge it will you be logged in on the other device.
You can watch the video that shows it in action:


Fewer Is Better

The fewer passwords you have, the better.  That's a great way to create a secure sign in and it means less passwords for you to memorize.  However, this only works with Yahoo! accounts at this point.  Maybe this is the way the industry will go, but for now you can't use this technology anywhere else.  And, since a lot of users will migrate away from Yahoo! it may be far too little, too late.

Until Passwords Are Dead, Make Them Stronger

Until passwords are completely destroyed, you must make them stronger.  You really should make them so strong that you cannot even memorize them.  How can you do that?  Just let C'YaPass generate them for you.
Get the app or try it in your browser.

Try It In Your Browser

Here's where you can get the iPhone/iPad, Android and Windows versions.
iOS / iPhone / iPad

The iOS (iPhone / iPad) version is available for the first time today (12.08.2016) in the App Store at:

https://itunes.apple.com/us/app/cyapass/id1183137527?mt=8^

Android

You can also get the Android version in the Google Play store at:

https://play.google.com/store/apps/details?id=us.raddev.cyapass^

Windows 

You can get the Windows version here at this site (just click the Get C'YaPass menu or follow this link: http://cyapass.com/page/get-c-yapass^