Just extract the files (using WinZip, for example) to any directory, double-click on the Pwsafe.exe icon,and that's it. Suggest corrections.

Vincent Danen suggests pwsafe to securely store your passwords. If you have way too many passwords to keep track of - and especially if you actually create individual, strong passwords for your. Password Safe allows you to safely and easily create a secured and encrypted user name/password list. With Password Safe all you have to do is create and remember a single Master Password of your choice in order to unlock and access your entire user name/password list. PwSafe has been on the App Store since June 2011 and has received more than 30 free upgrades since, including iPad support, two major visual redesigns and timely support for all iOS releases since iOS 4. IOS 8 introduced two new technologies which required major work on our side: extensions and adaptive layouts. To be able to fund those great. Cross Platform simple and secure password management from commandline. Free open source software. Works on Linux, Mac OSX, Windows. Just a single portable binary file.

Syncing issues?

Please see our Syncing FAQ.

pwSafe Cloud issues?

Please see the pwSafe Cloud FAQ.

Why is pwSafe 2 a paid upgrade?

pwSafe has been on the App Store since June 2011 and has received more than 30 free upgrades since, including iPad support, two major visual redesigns and timely support for all iOS releases since iOS 4.

iOS 8 introduced two new technologies which required major work on our side: extensions and adaptive layouts. To be able to fund those great new features and others like TouchID and full dynamic text support, we had to charge for this upgrade.

We will keep on providing free upgrades after this one as much as possible.

If I upgrade to pwSafe 2, will I have to buy Dropbox Sync again?

No. As soon as you launch pwSafe 2 for the first time, it will ask your permission to bring over settings and safes from pwSafe 1. When it does that, it will recognize your previous Dropbox purchase and enable this feature on pwSafe 2 without requiring any further payment. You'll only need to re-link to your Dropbox account and your Dropbox safes will re-appear automatically.

Please don't use the 'Restore Purchase' function in pwSafe 2 if you originally bought Dropbox Sync using pwSafe 1, as you'll end up being charged again. If you need to restore Dropbox Sync on a device which does not have pwSafe 1, you need to install the old app first, restore the purchase in it, and then perform the upgrade process to bring it over to pwSafe 2. pwSafe 1 is not listed on the App Store anymore, so you'll need to go to the 'purchased' section, which is accessible on your account, by tapping your picture.

I previously bought Dropbox Sync, but can't restore the purchase. How to enable it?

If you are running the same version of pwSafe where you originally bought it and you are using the same Apple-ID as you originally used to purchased the add-on, you can tap 'Buy' again and you won't be charged.

If you are using pwSafe 2, but originally bought the add-on with pwSafe 1, then you need to re-install pwSafe one from the app store, restore the purchase with the old app and then perform the upgrade again using pwSafe 2's settings menu.

I'm getting error 400 when trying to sync with Dropbox?

Dropbox has recently disabled the API used by pwSafe v1.

To keep using Dropbox, you need to upgrade to pwSafe 2, which superseded pwSafe 1 in 2014.

Do I need to subscribe to sync or otherwise use pwSafe?

Pwsafe chrome extension

No, the subscription is just for pwSafe Cloud. Although we think pwSafe Cloud adds great value to pwSafe, you don't need to subscribe to it to have a fully-functional password manager, including access to Apple's iCloud Drive for syncing. You'll be missing only Cloud Memory and Cloud Backups.

How do I use Safari integration on iOS?

Before using it, you need to enable pwSafe's action extension. To do that, tap the share icon and then select the rightmost ellipsis icon on the black and white icon row. Enable pwSafe in the list which will pop up.

Then, whenever you need to autofill a form, create a new password or change an existing one, tap the share icon and then the black and white pwSafe icon. You may move that icon to the left by tapping, holding and then dragging it with your finger.

First, unlock your safe as usual, using your password. Them, tap the settings button to the bottom of the screen, which is the safe settings button. Finally, tap 'Enable TouchID'.

Next time you need to unlock your safe, you'll be able to do so using your fingerprint.

I lost my password, how do I recover my data?

You don't, that's impossible. The password is used as a cryptographic key to encrypt your data. That means that we couldn't recover your password or data even if we wanted or were coerced to do it.

The only way to recover you password is to try every possible combination of numbers, letters and symbols (brute-force).

Since your safes are files you manage, instead of information stored on some database we operate, you need to recover your file.

You could have backups made by pwSafe itself:

  1. If you use pwSafe Cloud, your data might be in the Cloud Backups service. Tap/click the little cloud icon and then the 'Cloud Backups' text to list what is stored in your account.

  2. If using iOS, try the 'Restore Backups' function on the settings menu.

  3. If using a Mac, and you know exactly where your safe was, create a new safe under the same name in the same folder and use the 'File', 'Revert to...' menus.

  4. If using a Mac, try restoring from Time Machine. iCloud safes are stored in

If backups didn't solve it for you:

Pwsafe Cloud

  • if your safe was in iCloud, it could be that:

  1. You were using iOS 7 or earlier and OS X Mavericks or earlier and started using iOS 8 or OS X Yosemite. iOS 8 and OS X Yosemite use a new iCloud technology called 'iCloud Drive'. The thing is that iCloud drive only works with iOS 8 and OS X Yosemite, it doesn't work on OS X Mavericks or iOS devices running iOS 7.

  2. The email address used to log on to iCloud has been changed, thereby switching iCloud accounts. If that's the case, switch back, remove your safe from iCloud, switch again and move it back into your new account's iCloud Drive.

  3. Trying to reclaim storage space, you or someone with whom you share your iCloud account deleted pwSafe's data. If that's the case, you might be able to restore it using the 'Restore backups' function on the settings menu (iOS). If using a Mac, create a safe under the same name and use the 'File' - 'Revert to' menus to try and find your safes' data

  4. Your device lost sync with iCloud servers. Log in to drive.icloud.com from your computer to verify what's in Apple's servers. If your data is there:

  • Turn pwSafe off inside iCloud Drive, inside iCloud settings (system preferences on the Mac, settings app on iOS).

  • Reboot

  • Turn it back on

  • If your safe was stored on Dropbox, tap the + button and select 'Link to safe in Dropbox'. Finally, browse for your safe in your Dropbox folder. If it's not there, you may want to log on to dropbox.com using your computer and restore it from deleted files.

  • If your safe was stored locally on an iOS device (unsynced), your best bet is a full phone backup (iCloud or iTunes).

When I try to unlock my safe, I get an error saying 'can't open file'. How to fix that?

How To Use Password Safe

  1. Tap Edit

  2. Tap your safe's name

  3. Choose a new name for with English characters only

  4. Tap 'Done'

Which encryption algorithms does pwSafe use? How secure is it?

pwSafe uses Twofish for encryption. Twofish is a 256-bit algorithm which was one of the five finalists of the AES competition (won by Rijndael algorithm). If you wish more details, that's the technical description of pwSafe's file format.

Since only using strong algorithms is not enough, pwSafe borrows its security code from the Password Safe open-source project, which is around 10 years old and has been originally designed by the security guru Bruce Schneier. By doing that, it ensures a very low probability of having security related bugs which would allow an attacker to go around the cryptography. It also brings another advantage: it is compatible with many apps for many different platforms.

When transfering your safes to and from Dropbox it uses SSL, which encrypts all data and also authenticates the Dropbox server. The same goes for Cloud Backups.

If a master password is configured, when pwSafe is moved to the background, it encrypts the passwords you used to open the safes which are not closed (the ones with a red padlock). This encryption is performed using AES-128 in CBC mode and an encryption key derived from your master password by hashing it and a random salt with SHA-256 128 times.

Why don't pwSafe use a 512-bit (or longer) encryption algorithm?

The short answer to this question is: because it wouldn't make pwSafe safer.

That's actually an interesting question, because it contains a common misconception caused by misunderstanding of cryptography fundamentals by marketing-driven security products manufacturers. Let me explain:

  1. Provided you use a sufficient large key (128 bits is large enough) you can't break an encryption algorithm by brute-forcing it. Unless quantum computers become practical, there's not enough energy in the entire solar system to try all combinations.

  2. There is no such thing as 512-bit AES, which is advertised by some. AES comes in 3 flavors, 128, 192 and 256 bits. As strange as it may look, 128-bit AES is actually considered the safer choice, due to advances that have been found by scientists trying to break the other variations.

  3. After about the 128-bits threshold, adding bits to a cryptography algorithm doesn't necessarily make it safer. Take the AES example above: Bruce Schneier, a famous cryptography scientist, recently wrote: 'And for new applications I suggest that people don't use AES-256. AES-128 provides more than enough security margin for the foreseeable future.'

pwSafe uses Twofish encryption algorithm (256 bits key). Although AES-128 would be a better choice security-wise (it's a more thoroughly analyzed algorithm than Twofish), changing algorithms would break compatibility with Password Safe apps for the Mac, PC and Linux, which is a big advantage.

How to assign an entry to a group?

On the Mac, drag and drop the entry on the left list.

On iOS, tap edit, then tap the 'Group' section just below the email field (it only appears when editing).

I upgraded Safari or macOS and the browser extension disappeared.

Pwsafe Review

Safari 13, which is the default on macOS Catalina removed support for web extensions in favor of Safari App Extensions. This made pwSafe’s extension stop working.

pwSafe does not have a Safari App Extension yet, but one is in the works. We'll release an app update when it's ready. We know auto filling in web pages is a very important function of the app and are working on restoring this functionality as soon as possible.

Is pwSafe a 64-bit application compatible with macOS Catalina?

Yes, it is.

Still have questions?

Install Password Safe

Password Safe

The security of Twofish in a password database

Support

Pwsafe For Windows 10

Password Safe is now an open source project. As of July 5, 2017, the latest Windows version is 3.43.0. A Linux version is currently in beta. To download the program, or for technical support, please visit its website.

A portable version (designed to run with no installation or registry changes) is available from PortableApps.com.

Various third-party ports, clones, and readers are also available. I haven’t looked at any of these programs, and can’t vouch for their compatibility or their security.

Pwsafe Iphone

Many computer users today have to keep track of dozens of passwords: for network accounts, online services, premium web sites. Some write their passwords on a piece of paper, leaving their accounts vulnerable to thieves or in-house snoops. Others choose the same password for different applications, which makes life easy for intruders of all kinds.

With Password Safe, a free utility designed by Bruce Schneier, users can keep their passwords securely encrypted on their computers. A single Safe Combination–just one thing to remember–unlocks them all.

Password Safe protects passwords with the Twofish encryption algorithm, a fast, free alternative to DES. The program’s security has been thoroughly verified by Counterpane Labs under the supervision of Bruce Schneier, author of Applied Cryptography and creator of the Twofish algorithm.

Password Safe features a simple, intuitive interface that lets users set up their password database in minutes. You can copy a password just by double-clicking, and paste it directly into your application. Best of all, Password Safe is completely free: no license requirements, shareware fees, or other strings attached.

Pwsafe2john

See the Twofish page for more information on the Twofish algorithm, including links to other products that use Twofish.

PC World Review
PC World Blog Review
The Security Pub Review
Nomad Mobile Research Center Review of Password Safe 1.7
PC Magazine Editors’ Choice
Best Reviews Review

up to Academic

Sidebar photo of Bruce Schneier by Joe MacInnis.