Please see our Syncing FAQ.
pwSafe Cloud issues?
Please see the pwSafe Cloud FAQ.
Why is pwSafe 2 a paid upgrade?
pwSafe has been on the App Store since June 2011 and has received more than 30 free upgrades since, including iPad support, two major visual redesigns and timely support for all iOS releases since iOS 4.
iOS 8 introduced two new technologies which required major work on our side: extensions and adaptive layouts. To be able to fund those great new features and others like TouchID and full dynamic text support, we had to charge for this upgrade.
We will keep on providing free upgrades after this one as much as possible.
If I upgrade to pwSafe 2, will I have to buy Dropbox Sync again?
No. As soon as you launch pwSafe 2 for the first time, it will ask your permission to bring over settings and safes from pwSafe 1. When it does that, it will recognize your previous Dropbox purchase and enable this feature on pwSafe 2 without requiring any further payment. You'll only need to re-link to your Dropbox account and your Dropbox safes will re-appear automatically.
Please don't use the "Restore Purchase" function in pwSafe 2 if you originally bought Dropbox Sync using pwSafe 1, as you'll end up being charged again. If you need to restore Dropbox Sync on a device which does not have pwSafe 1, you need to install the old app first, restore the purchase in it, and then perform the upgrade process to bring it over to pwSafe 2.
I previously bought Dropbox Sync, but can't restore the purchase. How to enable it?
If you are running the same version of pwSafe where you originally bought it and you are using the same Apple-ID as you originally used to purchased the add-on, you can tap "Buy" again and you won't be charged.
If you are using pwSafe 2, but originally bought the add-on with pwSafe 1, then you need to re-install pwSafe one from the app store, restore the purchase with the old app and then perform the upgrade again using pwSafe 2's settings menu.
Do I need to subscribe to sync or otherwise use pwSafe?
No, the subscription is just for pwSafe Cloud. Although we think pwSafe Cloud adds great value to pwSafe, you don't need to subscribe to it to have a fully-functional password manager, including access to Apple's iCloud Drive for syncing. You'll be missing only Cloud Memory and Cloud Backups.
How do I use Safari integration on iOS?
Before using it, you need to enable pwSafe's action extension. To do that, tap the share icon and then select the rightmost ellipsis icon on the black and white icon row. Enable pwSafe in the list which will pop up.
Then, whenever you need to autofill a form, create a new password or change an existing one, tap the share icon and then the black and white pwSafe icon. You may move that icon to the left by tapping, holding and then dragging it with your finger.
How do I use TouchID to unlock my safes?
First, unlock your safe as usual, using your password. Them, tap the settings button to the bottom of the screen, which is the safe settings button. Finally, tap "Enable TouchID".
Next time you need to unlock your safe, you'll be able to do so using your fingerprint.
I lost my password, how do I recover my data?
You don't, that's impossible. The password is used as a cryptographic key to encrypt your data. That means that we couldn't recover your password or data even if we wanted or were coerced to do it.
The only way to recover you password is to try every possible combination of numbers, letters and symbols (brute-force).
My safe disappeared! What can I do?
Since your safes are files you manage, instead of information stored on some database we operate, you need to recover your file.
You could have backups made by pwSafe itself:
- If you use pwSafe Cloud, your data might be in the Cloud Backups service. Tap/click the little cloud icon and then the "Cloud Backups" text to list what is stored in your account.
- If using iOS, try the "Restore Backups" function on the settings menu.
- If using a Mac, and you know exactly where your safe was, create a new safe under the same name in the same folder and use the "File", "Revert to..." menus.
If using a Mac, try restoring from Time Machine. iCloud safes are stored in
If backups didn't solve it for you:
- if your safe was in iCloud, it could be that:
- You were using iOS 7 or earlier and OS X Mavericks or earlier and started using iOS 8 or OS X Yosemite. iOS 8 and OS X Yosemite use a new iCloud technology called "iCloud Drive". The thing is that iCloud drive only works with iOS 8 and OS X Yosemite, it doesn't work on OS X Mavericks or iOS devices running iOS 7.
- The email address used to log on to iCloud has been changed, thereby switching iCloud accounts. If that's the case, switch back, remove your safe from iCloud, switch again and move it back into your new account's iCloud Drive.
- Trying to reclaim storage space, you or someone with whom you share your iCloud account deleted pwSafe's data. If that's the case, you might be able to restore it using the "Restore backups" function on the settings menu (iOS). If using a Mac, create a safe under the same name and use the "File" - "Revert to" menus to try and find your safes' data
- Your device lost sync with iCloud servers. Log in to drive.icloud.com from your computer to verify what's in Apple's servers. If your data is there:
- Turn pwSafe off inside iCloud Drive, inside iCloud settings (system preferences on the Mac, settings app on iOS).
- Turn it back on
- If your safe was stored on Dropbox, tap the + button and select "Link to safe in Dropbox". Finally, browse for your safe in your Dropbox folder. If it's not there, you may want to log on to dropbox.com using your computer and restore it from deleted files.
- If your safe was stored locally on an iOS device (unsynced), your best bet is a full phone backup (iCloud or iTunes).
Which encryption algorithms does pwSafe use? How secure is it?
pwSafe uses Twofish for encryption. Twofish is a 256-bit algorithm which was one of the five finalists of the AES competition (won by Rijndael algorithm). If you wish more details, that's the technical description of pwSafe's file format.
Since only using strong algorithms is not enough, pwSafe borrows its security code from the Password Safeopen-source project, which is around 10 years old and has been originally designed by the security guru Bruce Schneier. By doing that, it ensures a very low probability of having security related bugs which would allow an attacker to go around the cryptography. It also brings another advantage: it is compatible with many apps for many different platforms.
When transfering your safes to and from Dropbox it uses SSL, which encrypts all data and also authenticates the Dropbox server. The same goes for Cloud Backups.
If a master password is configured, when pwSafe is moved to the background, it encrypts the passwords you used to open the safes which are not closed (the ones with a red padlock). This encryption is performed using AES-128 in CBC mode and an encryption key derived from your master password by hashing it and a random salt with SHA-256 128 times.
Why don't pwSafe use a 512-bit (or longer) encryption algorithm?
The short answer to this question is: because it wouldn't make pwSafe safer.
That's actually an interesting question, because it contains a common misconception caused by misunderstanding of cryptography fundamentals by marketing-driven security products manufacturers. Let me explain:
- Provided you use a sufficient large key (128 bits is large enough) you can't break an encryption algorithm by brute-forcing it. Unless quantum computers become practical, there's not enough energy in the entire solar system to try all combinations.
- There is no such thing as 512-bit AES, which is advertised by some. AES comes in 3 flavors, 128, 192 and 256 bits. As strange as it may look, 128-bit AES is actually considered the safer choice, due to advances that have been found by scientists trying to break the other variations.
- After about the 128-bits threshold, adding bits to a cryptography algorithm doesn't necessarily make it safer. Take the AES example above: Bruce Schneier, a famous cryptography scientist, recently wrote: "And for new applications I suggest that people don't use AES-256. AES-128 provides more than enough security margin for the foreseeable future."
pwSafe uses Twofish encryption algorithm (256 bits key). Although AES-128 would be a better choice security-wise (it's a more thoroughly analyzed algorithm than Twofish), changing algorithms would break compatibility with Password Safe apps for the Mac, PC and Linux, which is a big advantage.
How to assign an entry to a group?
On the Mac, drag and drop the entry on the left list.
On iOS, tap edit, then tap the "Group" section just below the email field (it only appears when editing).
How do I use facial recognition?
First of all, you'll need to install the facial recognition app by BIOMIDS. Then, link pwSafe to it:
- Go back to pwSafe.
- Open your safe.
- Tap the gear-like button to the bottom (and left, if on an iPad). If you can't see a gear-like button, then tap "Groups" on the top left to go back to the groups screen (iPhone).
- Tap "Register with Mobius".
- The facial recognition app will open. Follow its on-screen instructions to learn your face and register a fallback password.
- Done, it will switch back to pwSafe.
To test it, tap the padlock button to the bottom left to close your safe. Then, tap on it and, instead of inputing your password, tap "Unlock with Mobius" and look at the camera. You might need to blink or smile for Mobius to detect the image as a live face (in opposition to a photo).