C'YaPass In Windows Store

CYaPass has just been released to the Windows Store. Now you can install it to your Windows 10 desktop quickly and easily. You can see there at: https://www.microsoft.com/en-us/p/cyapass/9pfd82d1z7rw

Using CYaPass

1. Add / Select a SiteKey (reminds you which site the password is used for)
2. Draw your secret pattern (it is never stored anywhere)
3. The program remembers which password requirements (uppercase, special characters, length) are required by the site.
   
4. The program generates your password and copies the password to your clipboard.
5. You just paste the password wherever you need to use it.

The following snapshots will give you an idea of how to set up a siteKey and how to use the app.

Create a New SiteKey

After Saving New SiteKey, New Password Is Generated

Notice that the password has the max length of 20 and the special character (&) included.

Here's a few more snapshots to show you C'YaPass in action. 

Generates A New Password For Every Site

Each time you add a new SiteKey it will generate a new password using the new SiteKey and your original geometric pattern.

Now You Have A New Password For Twitter

Now you never have to remember your passwords and they are super strong : not based on words in the dictionary.

Try it out.  It'll make your life more secure and easier.  No more remembering all those special web site requirements on passwords.

Microsoft has published new guidelines for passwords along with their latest release of Windows 10 v1903 and Windows Server v1903.

The (Bad) State of Passwords

One of the first things Microsoft mentions is the terrible state of passwords which are made up by humans.  Here's the Microsoft blog writer's take on it.

When humans pick their own passwords, too often they are easy to guess or predict. When humans are assigned or forced to create passwords that are hard to remember, too often they’ll write them down where others can see them. When humans are forced to change their passwords, too often they’ll make a small and predictable alteration to their existing passwords, and/or forget their new passwords.

Removing Password Expirations

Microsoft is also admitting that the idea of forcing passwords to expire is ancient and makes no sense.

Again, the blog writer admits that their is no logic in expiring passwords in 60 or 90 days since the password may have been stolen at the beginning of the cycle and the cracker may have been using the password and associated account for a long time. 

If it’s a given that a password is likely to be stolen, how many days is an acceptable length of time to continue to allow the thief to use that stolen password? The Windows default is 42 days. Doesn’t that seem like a ridiculously long time? Well, it is, and yet our current baseline says 60 days – and used to say 90 days – because forcing frequent expiration introduces its own problems.

The problem is that password expiration is even a problem for the network administrators. 

Stop Making Up and Memorizing Passwords

If you are still making up and memorizing passwords, I suggest you stop and make your life easier by using C'YaPass.  It is 100% Open Source code so you can examine everything it does.  It generates strong passwords for you for each site you want to login to. 

If you don't want to download anything, you can try it here at this site just to see how it works.

All the code runs in JavaScript on your client and nothing is passed over the network.  Password keys are stored in the LocalStorage of your browser and only that browser instance will have those.

Try it at: http://cyapass.com/js/cya.htm

Try it out today and make your life easier.  Once you decide you want to use it you can download the free Windows app and the free Android app.

It's time to start using something to manage your passwords.  However, the apps out there are all the same.  They save your password somewhere -- either in their database at their web site or in a file you have to manage.

Below is a list of ways C'YaPass is different along with a list links to other password managers.  No matter which password manager you choose -- even if you don't decide to us C'YaPass -- you really should start using one today.  There are too many passwords for us humans to manage strong ones for all our accounts and web sites.  Let the computer help you.

How is C'YaPass different than other password managers?

1.  C'YaPass never stores your password anywhere.  Other password managers store your passwords at their site or in a file you manage.  C'YaPass generates your password from the pattern you draw and the site key you choose each time you run the app.  It does not store your password anywhere.  I know that sounds like magic.  You can read more about it and see screenshots here^.
2. C'YaPass is always free.  Other password managers charge you a fee.  Here's a list of other password solutions with links and prices:
1. KeePassX^ is also free, however it requires you to manage an encrypted file of all your passwords.  You have to sync the file across devices and I have a friend whose only file was corrupted and he could not recover his passwords.  It's also not very user-friendly for non-tech users.
2. Dashlane^ is $39.99 a year.  
3. LastPass Premium^ is $24/ yr  Yes, there is free versions of LastPass and many of these apps but the free versions don't allow you to sync your passwords across devices.  (Also, LastPass was hacked^.)
4. Keeper Password Manager^ is $29.99 / yr 
5. Password Boss Premium^ is $29.99 /yr
6. AgileBits 1Password 6^ is $35.88 /yr
7. Sticky Password^  $29.99 /yr
8. RoboForm 8^ $19.99 /yr
9. True Key (Intel)^ $19.99 /yr (for unlimited passwords) Is an interesting option that lets you sign on on compatible devices using your face or fingerprint.  Their promise is no more passwords. However, the free option is only available if you have 15 or fewer passwords.  Once you start using this you'll find that you most likely have upwards of 40 or more.  That's why passwords are so ridiculous.  We have far too many of them.
3. You can use C'YaPass without signing up to any service. Just download the app for your platform (Android, iOS, Windows) and go.  Many of these services require you to sign up for an account on their site.  With C'YaPass you manage how you use the app.

Try It In Your Browser, Get the App Free

Here's a compilation of top security experts explaining why your passwords are weak, how easily they can be cracked and how quickly your accounts will be compromised.

Ars Technica Contest: Winner Cracks 90%

Ars Technica set up a contest to hack passwords.  The winner was able to crack 90% of them and the hacker who won second place was able to get 62% of them (out of a total of 16,000 passwords).  Read all the details of how they did it at: http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/^

XKCD : CorrectHorseBatteryStaple Is Weak

Many people know about the XKCD method popularized by the comic : http://xkcd.com/936/^

Maybe you think these long passwords are uncrackable.   They're not any more.  

Don't Base Passwords On Any Natural Language Words

Your password has to be more random, because computing power allows huge dictionaries to be tried in all manner of combination and are able to crack passwords based upon words.

C'YaPass Generates Random Hashes With No Words

Bruce Schneier, Top Security Professional, Explains How Passwords Are Cracked

"This little piggy went to market" might become "tlpWENT2m"

Overwhelming : Creating One of Those For Every Site

Kim Komando : Radio Technology Expert

Microsoft: How To Create A Strong Password

"Doesn't contain a complete word."

PNC Bank Provides Customers With Ideas For Strong Passwords

Strong Password Generator

GeekSquad (BestBuy) : Creating Strong Passwords

Contradictory Information

You Must Create Strong Passwords

With C'YaPass you'll:

It's Free: Try It Now

Security is boring.  Absolutely mind numbing.  Passwords are the most boring of all.  

No one wants to think about creating and managing passwords.  Users want apps to magically solve their problems.

Automatic Grocery List?

Wouldn't an automatic grocery list be cool?  Some app where every time you need ketchup or a jar of pickles and you don't want to forget you simply just say the item and it's added to a list. That would be great.  I have Google Home and it will help you do that.  That's almost magic.

Users don't want a solution, they just want some magic.  Wave a magic wand and make things easy.

Passwords : The Price We Have To Pay

The problem is that passwords are a part of the price we have pay to use the Internet.  Maybe someday the major companies will group together to destroy all passwords.  Maybe.  For now we have to deal with passwords.  That means you need to make a plan and actively manage them.  

Once You're Hacked, Everything Changes

If you get hacked, there will be no magic.  No hero on a white horse will come riding out of the sunrise to fix all your accounts.  And, the bank may even decide not to refund your stolen money.

That's what happened to Kristina Markula of San Francisco when hackers made Cardless ATM withdrawals against her Chase account.  Read all about it at : https://krebsonsecurity.com/2017/01/stolen-passwords-fuel-cardless-atm-fraud/^

C'YaPass Generates Strong Passwords

This is why I think you should try C'YaPass as soon as possible. This is why I make it available free for your use.  

C'YaPass Magic

I've tried to make it magic by allowing you to draw your password.  That's right you can draw your password so that you: 

1. never have to memorize a password again.
2. never have to type a password again.
3. never have to make up a password again.

Try It For One Account, Then More

At least try it from the web for one of your accounts and see that it creates extremely long and strong passwords and then you can try it for more accounts as you like.

It's easy to try and free to use.  An ounce of prevention is worth tons of cure in the case of security.

Browser Version Is HTML5 Canvas

Try the Browser Version, Get the App Free

Note: Hat and wand image from https://openclipart.org/detail/132133/magic-hat-and-wand^

Passwords are everywhere. We are drowning in passwords. You have too many of them to realistically and easily manage.   That's one of the main reasons people create weak passwords.  There are just too many.

C'YaPass Is Everywhere

That's why I've developed C'YaPass for use on every platform (Android, iOS, Windows and now you can even run it right in your browser from cyapass.com).

Make 2017 the year you stop creating and memorizing passwords and let C'YaPass do it for you.

Try it in your browser, right now.  Just click this link and it'll open in a new tab/window: http://cyapass.com/js/cya.htm^

Browser Version Works In All Six Major Browsers

Try It and Help Yourself Have Stronger Passwords

Browser Version Is HTML5 Canvas

Try the Browser Version, Get the App Free