USB Key Encryption
Damaging loss and theft of data on flash drives is rising with the rate of ownership. In an age where sensitive information could potentially be stored on such a drive, it would be reassuring to know that its contents are protected in the event of loss. N-Pass delivers in this regard with its “EVD” (encrypted virtual disk) functionality, which seamlessly encrypts files with one of six user-selected cryptosystems.
n-Pass accomplishes its encryption by acting as a transparent layer between the physical drive and a virtual clone of the drive that n-Pass creates. All information that’s to be saved on the physical drive must first be saved to the virtual clone under a new drive letter, which is then placed in an encrypted state on the physical drive. Saving information to the drive was conveniently drag-and-drop just like any flash drive would be. Users returning to the same PC to reinsert the drive will have it automatically re-mounted for use which cultivated an end-user experience that was easy and trouble-free.
Even more uniquely, n-Pass can use the same wizard to create an encrypted image file that resides inertly on your hard drive and functions identically to the encrypted flash drives. A user could conceivably create an encrypted image and store that on an encrypted flash drive for incredibly powerful protection.
n-Pass’ system tray icon starts the EVD wizard
Choose between an encrypted image or encrypted flash drive
Pick your flash drive from the list of system drives
Select one of six cryptosystems
Format the drive to prepare it for use
All files destined for our drive must now be saved to Z:
After we loaded up our virtual flash drive on Z: with files, unmounting it and attempting to access the drive under its old letter of H: prompted Windows to inform us that the drive was no longer formatted for use. A user that stumbled upon your lost flash drive would probably format the drive as prompted and carry on. Your information may be lost, but that’s a far cry better than having it compromised.
We went one step further to see if today’s data recovery applications could make heads or tails of the encrypted drive’s contents, but all of them reported that its file system was damaged beyond repair. It’s possible that a user could recover information from the drive through more advanced means, but our drive handily thwarted rounds of Testdisk, Spinrite and GetDataBack.
Caveat
Throughout the course of testing the software, one particular weakness made us feel ill at ease with the total security provided by n-Pass: once the primary application is loaded, which requires password authentication, passwords can be clearly displayed in plain text at the user’s choosing. The authentication box for n-Pass has no timeout and offers unlimited login attempts. Any user can commit to a pre-computed dictionary attack by using tools such as l0phtcrack, John the Ripper and Cain and Abel. A simple brute-force hammering of the login box could be executed via AutoHotKey or AutoIt with the dictionary files loaded into an array. Once the single point of failure is compromised, any user could harvest any of the information clearly presented in the n-Pass application proper.
Wrapup
Positively, we came away impressed with the EVD technology n-Pass provides for flash drives and encrypted disk images. We felt it was a very simple and seamless way to get much-needed protection on flash drives which are easy to misplace. The algorithms available to protect the content are top-notch, but we would like to have seen less effective/slower encryption techniques like TDES removed to eliminate user confusion. We were also pleased with n-Pass’ speedy management of static and often-used forms; the auto-submission feature generally worked quite well to expedite logins.
Unfortunately, n-Pass’ lack of awareness to Firefox and its poor management of single-use forms disappointed. Furthermore, employing a single password to protect dozens of passwords to sensitive aspects of our web presence is a single point of failure that could compromise the entire point of the program. There are various remedies to this concern, but we would implement RSA SecureID and bundle n-Pass with an inexpensive key fob.
All things considered, the n-Pass software was a simple-to-use program with a lot of potential hamstrung by a few issues that left us uncomfortable. If n-Trance worked towards resolving what we’ve presented, we would have no problem recommending n-Pass to anyone.
Articles RSS