Hello, my name is Ivan. I lead Third Pin LLC — a team of enthusiasts, keen on developing special electronics and software. We are often glad when there is an opportunity to explore a new realm in the course of the daily routine.
Recently we again encountered a well known but very entertaining data security issue.
The issue is how to ensure the sufficient complexity of sensitive passwords with the least disturbance to the user's workflow.
We had summarized significant number of ideas, opinions, expirience and expectations about this, and conducted a series of tests for proof of concept.
Now we have a neat solution. Let me share with you some details about one of our favorite in-house projects — Pastilda.
It provides easy and safe auto-login to bank accounts, mailboxes, corporate network or social media.
It is an open-source hardware designed to manage the credentials in handy and secure way.
So if you also have to daily remember and enter a number of strong passwords — assign it to Pastilda.
Pastilda never reveals master key to the host. Decrypted data stays onboard, unreachable for malware.
While in regular mode Pastilda transponds all keystrokes with no changes
In "Pastilda mode" your keystrokes are never sent nowhere except Pastilda. Host recieves only used credentials and names of fields in database. So your master password and whole database always in safe.
Cost efficient configuration.
Basic fully functional Pastilda for use with external keyboards.
Improved mobility configuration. Includes Pastilda Desktop and special USB scroller plug for use without external keyboard if needed.
Most flexibile configuration. Staffed with the scroller and set of plugs and cords for use with most of mobile devices.
Free samples for data security experts and opinion leaders. We are looking for clear feedback.
How does it work?
Pastilda has two USB slots: one to connect keyboard, one to connect it to your PC. So, your OS recognizes Pastilda as composite device: a keyboard and a flash drive. And your real keyboard now is visible just for Pastilda, your PC doesn't see it at all.
On flash drive you should store KeePass 2.x portable app and encrypted KeePass database (.kdbx file).
In a regular mode, everyting you type on you keyboard translates through Pastilda to your PC.
If you need to sign in, you need to switch to "Pastilda mode". To do that you have to set your mouse cursor inside a login textbox and then type combination Ctrl + ~. After that, Pastilda will ask you to enter password from your KeePass database.
If password is correct Pastilda decrypts your database and you can start to navigate trough it with arrows left, right, up and down. As soon as you find login you looking for, you should type Enter and after that, Pastilda automaticly substituted the corresponding password in password textbox and enters you account.
If password is incorrect Pastilda will offer you to enter password again. So, you can either continue to enter password or go back to regular mode by pressing Esc key on your keyboard.