BrowseX
SourceForge Logo
BrowseX
 Home
 News
 Download
 Features
 Demos
 
 API
 SQLite
 TML
 Dballoc
 Javascript
 Mailer
 Address
 Mimetypes
 Portal
 DynDNS
 Talk
 ZipView
 TDB
 Packaging
 Passman
 Thin
 
 Press
 Docs
 Bugs
 FAQ
 Pros
 Why
 License
 Contacts

Search
Links
 Scriptics
 Tkhtml
 Postgres
 OpenSSL
 Img
 Baremetal

Contact
peter@browsex.com

BrowseX FAQ

BrowseX  Passman: A Password Manager

What Is It?

Passman is a userid/password manager embedded within BrowseX . It can save userids and passwords to an encrypted database file so that you only have to remember a single master password. Passman can on demand fill in the correct userid and password form fields on a page, or in a Basic Authentication popup.

How Does It Work?

Passman is on by default. The first time you go to a given login page, fill in the userid and password as you normally would. Then before submitting the page, right-click on the password field. A dialog box should popup enabling you to save this userid and password information to an encrypted database. (The very first page you do this on will also ask you to pick a Passman master password.)

Thats it!

In the future when you visit this page, fill in nothing, but instead right-click on the password field and you will be prompted for the Passman master password. Supply it and the fields are filled in for you. Optionally, you can fill in some or all of the userid field if multiple userids are used on the page.

What About Basic Authentication

Basic Authentication is when you go to a page and a userid/password dialog box pops up. Passman automatically fills in the userid (if you've been there before) and then works as above. Similarly, the first time you visit a page, type in the site specific password and you will be prompted to add it to Passman. If you've been to the site before, the dialog will have the userid filled in and prompt you in red for the passman password.

How Is It Implemented? How Secure Is It?

The browser never stores your Passman password internally. Instead, the Passman DB is encrypted with the password using DES encryption. Everytime you are asked for this password, BrowseX  uses it to decrypt the Database. There is currently no option to have the browser internally store the password, and that is probably a bad idea. The security of DES is probably only as good as your password, and any password can be subject to brute force attacks. So it is best to not allow anyone to have access to the DB.

How Do I Disable Passman

In Preferences/Security, uncheck Password Manager.

Where is the DB

It is stored in two files in your user directory. Under Unix this is in ~/.brx/passman.db and ~/.brx/passman.ctl. You may want to backup these files to floppy, in case something goes wrong. Alternatively, you can edit the password file via Preferences/Security. Note if you loose or corrupt this file and don't know the passwords therein you are SOL.

Can A Second BrowseX  Use The Password DB

Yes, the DB files are Base64 encoded. Just copy the two passman.* files into your second browsers ~/.brx user dir.

Copyright © 1999-2001   Browsex Systems Inc   http://BrowseX.com