Switch to Codebook

During the BlackHatEU conference in 2012 ElcomSoft presented an analysis of 17 popular iOS and Blackberry password managers. Their results showed that most of the products are either:

  • Storing data in an unencrypted format
  • "Encrypted so poorly that they can be recovered instantly"
  • Susceptible to basic cracking techniques (i.e. rainbow tables)

The presenters noted that Codebook (called STRIP back then), using an encryption key derived through 4,000 iterations of PBKDF2-SHA1, was the most secure app, "by far the most resilient app to password cracking" and appeared to be the only application that properly implemented strong cryptography.

Since this paper was published the number of PBKDF2 iterations in all versions of Codebook has been increased to 64,000, and we've added per-page HMAC authentication to prevent tampering. We're constantly working to improve SQLCipher, Codebook's open-source, encrypted database engine.

Citation Pdf

Source: ElcomSoft

Importing your data into Codebook via CSV

One of the most common data export and import formats, Codebook readily imports CSV (comma-separated values) files with a few simple requirements. If you are switching to Codebook from another password manager that provides a CSV export, you can usually import it into Codebook by renaming some columns.