Android, Releases, Windows

Cryptnos for 1.3.1 Windows & Android Released

April 16th, 2012 | 1 Comment

We are pleased to announce that Cryptnos Version 1.3.1 for both Windows (.NET) and Android have been released. This is a minor feature release for both platforms, but it also contains some updates to some of our third-party libraries. There’s also a little bit of code clean-up on the Android side which should slightly improve performance.

For both platforms, we’ve introduced a new requested feature that should slightly improve security. This feature allows the user to specify that Cryptnos should clear out the contents of the master and generated password text boxes (“Passphrase” and “Password” on the Windows client) whenever the application loses focus, i.e. Cryptnos is no longer the application that has the user’s direct attention. On Windows (and other .NET clients), this should occur if Cryptnos gets minimized or becomes obscured by another window; on Android, this occurs if the user taps the Home button or otherwise switches to another application without tapping Back to leave and close Crpytnos. In both situations, if the user returns to Cryptnos with this option set, the application will wipe out the contents of these password boxes to prevent anyone for seeing or reading their contents. If the user has selected to have the generated password copied to the clipboard, that copy of the password is unaffected. By default, this option is turned off to replicate the behavior of previous versions. You can find this new setting under each application’s Advanced Settings location.

On the Android side, we also added the ability to type/tap the Enter key while in the master password box to trigger generating the site password. This was already the default behavior for the Windows client, but implementing this on Android isn’t something built into the operating system so it wasn’t as obvious. Still, this was something that annoyed me about the Android client as well, so it seemed like an excellent addition. Note that on the off chance you might use the Enter character as part of your master password, this may break your generated passwords. Since this behavior is incompatible with the Windows client, we don’t think that will affect many people, but please let us know if it does affect you.

We also took the opportunity to upgrade ZXing (the QR code generating library) on the Windows side and the Legion of the Bouncy Castle (our crpyto library) on the Android side, both to the latest versions at the time of their release. You shouldn’t notice anything different with respect to this change, but this will hopefully prevent any potential bugs and security flaws that might be present in these modules.

Recently Google integrated a version of Lint into their Android development kit, so we took advantage of the impending release to run the Android version of Cryptnos through it. While many of the suggestions were trivial (and one completely broke Cryptnos so we had to back it out), we did find a few things to tweak that may slightly improve performance. You probably won’t notice it, but maybe folks on slower devices will see an improvement.

As usual, you can download the updates directly from the respective pages here on the site, or from the Google Code sites. Of course, we’d prefer you use the automated update options to keep you as up-to-date as possible. Folks who installed the Android client from the Google Play Store (formerly the Android Market) should get the update notification soon. The Windows client checks for updates once per week, but you can force an update check through the relevant option under Advanced Settings.

If you discover any problem with Cryptnos, please let us know and we’ll look into it as soon as possible. The time I personally have to devote to Cryptnos is a lot less than it used to be, but I try to work on it when I have the opportunity. The preferred place to report bugs or request features is through the Google Code issue trackers, which you can find links to from the various platform pages. While we do take issues via e-mail, we always repost them there for tracking purposes.

As always, thanks for using our humble little app for your password hashing needs!

Tags: , , ,

1 Comment


You can skip to the end and leave a response. Pinging is currently not allowed.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

You must be logged in to post a comment.