2020-09-15 04:00:00 -0400
Since the introduction of the Sync Key to Codebook in version 4, we have heard from customers who are concerned about backing up the Sync Key and potentially having to manage a Sync Key separate from their Master Password, lest they lose access to all the critical passwords and other information they have stored in Codebook.
We can say with confidence that is definitely not the case, and we’d like to clarify how the Sync Key fits into Codebook, and when and why to keep a backup of it outside of Codebook. In addition, if you lose your Sync Key Backup, it won’t make your data inaccessible, because each copy of Codebook you sync with has a copy of the Sync Key.
First, it’s important to note that we haven’t replaced your Master Password with the Sync Key. Your Codebook data is still stored in a single file, encrypted with your Master Password. You can even take a backup of the single database file, and then restore it to a new computer, without any need for the Sync Key.
So where does the Sync Key come into play? It’s used to encrypt all your Sync data, the changes that are passed back and forth. Whether you are syncing with WiFi, a local folder, or a cloud service (i.e. Dropbox or Google Drive), that data is encrypted with your Sync Key instead of the Master Password.
The Sync Key is stored by Codebook in your encrypted database on your device. And because it’s required to add the Sync Key to every new device you setup (so that all your devices can encrypt and decrypt the sync changes), there’s a copy of the Sync Key in the encrypted Codebook database on every device you sync with.
If you were to delete Codebook from one of these devices, or you lost and replaced one of these devices you sync with, all you need to set up the new device is to set the master password, add the Sync Key from one of your other devices, and perform a Restore.
So why do we ask you to Backup the Sync Key?
Say you use Codebook on an Android phone and a Windows laptop, and you’ve got a Google Drive account that you sync with. Or, maybe you use Codebook exclusively on an iPhone and an iPad, or maybe just one iPhone and sync with Google Drive. This means there is a copy of your encrypted sync data up in Google Drive that you could restore from if you were to lose access to one of your devices. Now let’s say you lose access to all your devices at the same time, perhaps in a house fire or burglary. So, you buy a new device, download Codebook, and you want to restore your passwords and other data. The data is still available in Google Drive, but it’s encrypted with your Sync Key, which you no longer have access to.
That’s where the Sync Key Backup comes in: the catastrophic scenario where you lose every copy of Codebook, and thus every copy of your Sync Key, and the only copy of your data is encrypted in your cloud service, for instance, encrypted with your Sync Key. The Sync Key Backup allows you to restore your data from an encrypted remote to a new device after access to all your other devices have been lost.
If the prompts in Codebook to Backup Your Sync Key come on a little strong, that’s a result of our trying to do some due diligence to help ensure this unlikely and catastrophic scenario is not possible. We tried to make the Sync Key Backup feature flexible by offering more than one option for creating a hard copy backup (printing an encrypted QR Code, or writing down a Word List), and to allow those who would prefer not to maintain a physical backup to ignore the feature and go about their business.
Where should you store the Sync Key Backup?
If you do choose to backup the Sync Key, you’ll want to store it in a secure place, as a determined attacker could use it to decrypt any sync data you might have on a remote service, since that data is encrypted with the Sync Key. Where to store the Sync Key Backup is a personal decision that will have a different answer for everybody depending on their needs and circumstances, but it may help to know that you should only need the Sync Key Backup in rare and catastrophic circumstances. Without endorsing any option in particular, here are some ideas:
- A secure hiding place
- A fire-proof safe
- A bank deposit box
- With a trusted family friend
- A personal attorney
As always, if you have any questions about the Sync Key or any other feedback on Codebook, please get in touch.
2020-05-21 02:00:00 -0400
Yesterday we released an important update to Codebook, version 4.1.0, on Android, iOS, macOS, and Windows. The new version supports a new Sync Operation feature, and provides a ton of excellent adjustments, improvements, and bug fixes. We’ve got a run-down of the new Operations and a full listing of all changes to the apps available on the discussion forum.
Note: Customers on Codebook 4.0 who use Desktop WiFi sync must upgrade!
If you attempt to sync 4.0 with 4.1 over Desktop WiFi you will run into an error. Sorry about that, we had to update the WiFi protocol to support the new Operation feature.
2020-05-12 08:00:00 -0400
We are pleased to announce that SQLCipher 4.4.0 is now available. It includes the following important changes:
- Updates baseline to upstream SQLite 3.31.0
- Adjusts shell to report SQLCipher version alongside SQLite version
- Fixes various build warnings under several compilers
- Removes unused id and status functions from provider interface
SQLCipher for Android
Support/Room API queries have been improved so that parameters are bound using the appropriate type to avoid conversion issues.
SQLCipher Commercial and Enterprise
sqlcipher_vle_cipher Value Level Encryption function provides a low-level interface to invoke AES-256-CBC encryption and decryption operations without type encoding, PKCS#7 padding, or HMAC authentication.
Commercial and Enterprise - On-demand access to new releases of SQLCipher packages are available to all licensees with an active support subscription from the Customer Downloads fulfillment site. Licensees will also receive a separate email notification regarding the update and can contact us at any time for private support directly from the SQLCipher development team.
Community Edition - SQLCipher 4.4.0 in source format is directly available on GitHub. The Community Edition of SQLCipher for Android (4.4.0) is available via AAR packaging. The Community Edition of SQLCipher for iOS can be compiled from source or using CocoaPods.
2019-12-20 07:00:00 -0500
SQLCipher 4.3.0, which includes the following important changes, is now available:
- Updates baseline to upstream SQLite 3.30.1
PRAGMA key now returns text result value “ok” after execution (consistent with upstream)
- Adjusts backup API so that encrypted-to-encrypted backups are permitted
- Adds a NSS crypto provider implementation
- Improves OpenSSL provider compatibility with BoringSSL
- Corrects output of
PRAGMA cipher_integrity_check on big endian platforms
- General cryptographic provider interface cleanup
- Improvements to mutex allocation and management
- Separates memory related traces to reduce verbosity of logging
- Resolves miscellaneous build warnings
- Forces error state at database pager level if SQLCipher initialization fails
SQLCipher for Android
SQLCipher for Android now includes support for utilizing Android Room. Room is a Google supported ORM library that provides an abstraction layer over direct database access. Integration instructions for the library can be found here. Thank you to Mark Murphy for providing the necessary contributions from the CWAC-SafeRoom project for this addition.
SQLCipher Commercial and Enterprise
Starting with the release of SQLCipher 4.3.0, Commercial and Enterprise packages now include exclusive features that are not available in Community Edition distributions:
The SQLCipher Value Level Encryption (VLE) and Encrypted Virtual Table features extend SQLCipher to allow partial encryption of data. Instead of applying encryption to the entire database, they selectively expose convenient SQL Functions and a Virtual Table module that operate transparently to encrypt and decrypt data. These features still use SQLCipher’s well-trusted underlying cryptographic providers. While not intended as a substitute for full-database encryption, these features can serve the needs of several classes of applications, for instance when:
- Only a subset of database information needs to be secured
- Multiple overlapping layers of security with separate keys are required (e.g. multiple keys for different data sets)
- Full-database encryption is not appropriate due to other considerations (e.g. performance, compression, etc.)
The new 4.3.0 features also include a special extension that exposes internal performance counters for SQLCipher’s encryption module. These additional statistics provide deeper insight to applications which can be useful for performance optimization and tuning purposes.
In additon to these new features, the official iOS native package for Xcode now include framework support for Mac Catalyst, which allows iPad applications to be built for and run on macOS computers.
Commercial Edition - On-demand access to new releases of SQLCipher Commercial Edition are available to licensees with an active CipherCare subscriber subscription, along with private, prioritized support directly from Zetetic. CipherCare subscribers will receive a separate email notification regarding the update and can contact us to request the latest SQLCipher distribution and applicable software license codes.
SQLCipher Enterprise Program - Enterprise Program Subscription customers will receive a separate email notification about the release, and the latest SQLCipher packages and license codes will be provided directly via your organization’s private online software delivery share.
Community Edition - SQLCipher 4.3.0 in source format is directly available on GitHub. The Community Edition of SQLCipher for Android (4.3.0) is available via AAR packaging. The Community Edition of SQLCipher for iOS can be compiled from source or using CocoaPods.
2019-12-04 04:00:00 -0500
Today we’re excited to announce the release of Codebook 4, the next major version update of our password manager, featuring significant enhancements in security and the Sync feature. It’s a free upgrade, and the product of nearly a year’s worth of work that lays the groundwork for many more improvements to come.
Here’s a quick listing of what’s changed in Codebook 4 on all four platforms:
- Updates the Sync feature with a new, faster, and more secure replication system
- Updates the encryption Codebook uses to SQLCipher 4 (4.3.0)
- Updates key derivation algorithm to PBKDF2-HMAC-SHA512 (previously PBKDF2-HMAC-SHA1)
- Updates key derivation to use 250,000 iterations (previously 64,000)
- Updates HMAC page protection algorithm to HMAC-SHA512 (previously HMAC-SHA1)
Note: Codebook 4 cannot sync with Codebook 3, so you’ll want to update Codebook on all your devices as soon as possible. Codebook 4 supports all the same minimum operating system versions as Codebook 3.
Downloading the Update
Codebook 4 is now available via all auto-update channels. Follow the links below on your device to install directly.
*If you purchased Codebook for macOS from the Mac App Store, use this link to view the update on your Mac.
New Sync System
Codebook 4 updates the Sync feature used to replicate your data. The highest impact change it introduces (in addition to being much faster and more secure) is the Sync Key. In Codebook 4, all sync data is encrypted with your Sync Key, a unique random key that is separate from your Master Password.
Every user that upgrades to Codebook 4 will be prompted to either 1) generate a new Sync Key, or 2) scan the Sync Key they’ve already created on another device (via QR code). To be clear, you should only generate the Sync Key once. When setting up Codebook 4 for the first time on any other device, you’ll scan that Sync Key using your device’s camera.
Here is a demonstration video we’ve prepared that will walk you through creating your Sync Key and adding it to your other devices:
Once you start using the new Sync system you should notice right away that it’s much faster than it had been in the past (after the initial syncing of data). Previously, Codebook needed to download a full copy of the remote database to perform replication and then upload it again on every sync. In Codebook 4 changes are instead replicated in much smaller encrypted updates. Each of these files is an encrypted SQLCipher 4 database using the latest security settings.
Sync Key Backup
Because the Sync Key is required to encrypt and decrypt all sync data, losing access to it would leave the user unable to decrypt any backed-up sync data. To help prevent this from ever happening we’re encouraging each user to save a physical (like in the real world) backup copy of their Sync Key in a safe place. There are two options for doing this: printing an encrypted QR code, and writing down a Word List.
The option to print is most convenient, but may not be ideal if you don’t have a secure or direct connection to the printer in question. The Word List serves as an alternative to printing. Because the word list is an unencrypted representation of your Sync Key you should not photograph or screenshot it, it really is meant to be written down!
Having a physical backup of your Sync Key can come in handy if you ever have a need to recover from data loss at some point in the future.
Update Cloud Services
After you setup your Sync Key in Codebook 4, Codebook will offer to update any cloud services you sync with (i.e. Google Drive and Dropbox). When it does this it upgrades the data stored on the service to the encryption and format used by the new Sync system. It also deletes the
strip.db file previously stored on the service by Codebook 3. You may wish to copy this file or rename it to serve as a backup of your Codebook 3 data before syncing Codebook 4 with the cloud service. The first time you sync Codebook 4 with a Dropbox or Google Drive account it will check for a Codebook 3 database and attempt to upgrade it.
Codebook 4 encrypts your passwords and other data with the latest version of SQLCipher 4. This means we’re using much stronger security settings, taking better advantage of the computing power available on modern mobile and desktop devices. Among these:
- PBKDF2-HMAC-SHA512 is the new KDF algorithm (previously PBKDF2-HMAC-SHA1)
- HMAC-SHA512 is now used for per-page HMACs (previously HMAC-SHA1)
- KDF iteration count has been increased to 256,000 from 64,000
- Improved memory sanitization features
- Significant performance improvements for common use cases on platforms including iOS, Android, and Windows
Codebook’s encryption is stronger and faster than ever.
Desktop Backups feature removed
There is no longer a Backups feature and view in Codebook for macOS and Windows. We recommend that any users relying on this feature look to other common commercial and open-source techniques for regularly making a backup copy of the local database file,
Delete Obsolete Backups prompt
Because the Backups feature has been removed, it would be prudent to delete any of the old backup files stored locally on the desktop, which use an older version of the encryption used in Codebook 4. Thus, Codebook 4 for macOS and Windows will prompt you to inquire if it can delete these files.
Sync Operation feature removed
The Sync menus in Codebook 4 no longer provide an Operation setting that allows the user to change the “direction” of a sync to be an Overwrite or a Restore. This feature has been obsoleted by the new Sync system and is removed. If you think you do need this anyway, please get in touch, we should be able to help.
Help Buttons and Documentation
We’ve put a lot of work into the new documentation for Codebook 4 and updating our existing documentation. The documentation index got a big overhaul, as did the style we use on all the Help pages. We’ve included a platform selector on pages with multiple sets of steps for each platform, and included lots of new short demonstration videos. Accordingly, many of the new interfaces and prompts in Codebook 4 feature a Help button that will launch a URL to documentation on our website.
Password Review on macOS
The Password Review feature in Codebook for macOS has been updated to work on-demand, in addition to while you edit a password. Right-click or control-click on a password field and select the option “Review Password”. Any Weakness Warnings will be displayed as well.
The default toolbar button set has been given a rearrangment in Codebook for macOS. We think this is a nice improvement over the previous layout. However, you can set it back to the way it was before, or to another configuration! Right-click (or control-click) on the Toolbar and select Customize Toolbar to change the buttons displayed.
Updated Getting Started UI on iOS
There is an improved interface for first-time setup in Codebook for iOS, which is used frequently by existing users setting up a new device, as well as new users of the app. This should make it a lot easier to get started quickly, and it’s an approach we’re adopting across all four apps.