KEYSHADE FAQ

    • Mac OS X 10.8.3 or newer. iOS 8 or newer.
    • Yes! KeyShade was built for this. Just enter the same KeyShade code on both computers, and they'll stay in sync. Your code can be found in Tools->Preferences.
    • Your KeyShade data is backed up to the cloud every time you make a change. You can manually back it up via Tools->Sync with Server. If you need to restore a previously backed-up version of your KeyShade data, you can do so via the account page.
    • KeyShade takes encryption seriously. Unless you explicitly tell KeyShade to save your passwords to a text file, KeyShade will never write or send unencrypted password data anywhere. When KeyShade syncs with the cloud, the data we send is encrypted and can't be read by anybody unless they know your master password.
    • Every user of KeyShade has a KeyShade code, in the format KS1-0000-AAAAAA-111111. You can find this code in Tools->Preferences. This code is what associates you with your KeyShade data stored on our servers. If you want the same KeyShade data on multiple devices, use the same code on those devices.
    • No, your data is all encrypted. Without your master password, there is no way to decode the data that sits on our server. Your passwords are as secure as your master password.
    • Hopefully you chose a password hint which will help you remember it. Otherwise, there's no way to recover your KeyShade data. For security reasons, this is how it needs to be. Moral of the story: remember your master password, and/or write it down someplace safe!
    • KeyShade has a pretty flexible CSV importer. As long as your password manager can export reasonably well-formatted CSV data, KeyShade should be able to handle it.
    • Yes, KeyShade lets you export all your data to a CSV or TSV file. Be careful with this file though, since it's unencrypted and it contains sensitive data.
    • ~/Library/Containers/com.raynersw.keyshade
    • Before saving your passwords to disk or sending them to the cloud, KeyShade first concatenates them all into a single unencrypted string of data in memory. Next, KeyShade runs your master password through a salted Argon2 hashing algorithm to generate a 32 byte digest. The Argon2 algorithm is a modern, well-respected "slow hash" designed to be hard to crack, even with high computing power.

      Next, your unencrypted data is encrypted using AES with a 256 byte key. Encryption is performed using Apple's CommonCryptor library, hashing by the Argon2 reference implementation.

      KeyShade is very careful to write only encrypted data to disk, and to send only encrypted data over the network.

      Security Flowchart

    • If you use KeyShade Sync, your encrypted data gets saved on a dedicated server owned by Rayner Software. This server sits in a secure datacenter in Fremont, California, and gets backed up to a remote location.
    • English, French, German and Italian.
    • Write us any time: support@raynersw.com