1. One-time passwords
Nowadays, almost all website services support Two-factor authentication (2FA). Such authentication requires a user’s password plus a one-time password (6- or 8-digit secure code), which can be send to the user via a text message (SMS) or generated with a special authenticator application. SafeInCloud can be such an authenticator application, which generates one-time passwords.
Create a new card with the Web account template or open some of your existing cards and start the editing. Then press the Add another field button and choose One-time password.
Now enable the two-factor authentication in your profile on a website. You will be given with one of two options:
- QR code;
- A multi group digital-letter code.
Copy this code into the one-time password field or press the QR Code button next to the field to scan the provided QR-code with the camera.
Then press the Done on the toolbar to save the changes.
You will see the new one-time password field, which continuously generates security codes. They are valid for 30 seconds. Tap the field to copy the current code into the clipboard.
2. Password generator
Use the Password generator to generate safe passwords for your website accounts. You can access it via the More menu in the main (Card List) view.
Tip: Select Password history from the menu, to see all the passwords generated during the current session.
You can also access the Password generator by pressing the Key icon next to a password field, while editing a card.
In the pop-up menu, you can select password length, select generator mode, renew password (Rotate icon), or configure generator (Gear icon).
There are several generator modes. For example, the Memorable mode generates passwords, which easier to remember, but still hard to crack.
In Password options, you can configure a list of symbols that can be used for generating Memorable or Random type of passwords. Also, similar characters can be excluded from generating mechanism.
3. Password strength
SafeInCloud estimates the strength of your passwords. You can see it in the password strength indicator under each password field.
The crack time is an estimation of the time needed for a hacker to guess (brute force) your password. SafeInCloud uses the Zxcvbn estimation algorithm developed at Dropbox: https://tech.dropbox.com/2012/04/zxcvbn-realistic-password-strength-estimation/
You can see all your cards with weak passwords by switching the Weak Passwords label via the side menu. These cards are also marked with red exclamation signs.
4. Password history
When you modify a password in some card, the app saves the previous password. You can access all the previous passwords by pressing the History icon next to the password field.
You can copy the previous passwords or clear the history.