sec keeper en

© Dekart

USER GUIDE

DEKART SECRETS KEEPER

Secrets KeeperI

© Dekart

Table of Contents

Part I License and trademarks information 1

Part II Glossary 1

Part III Introducing Secrets Keeper 2

................................................................................................................................... 21 Secrets Keeper purpose and features

................................................................................................................................... 32 Secrets Keeper product's components

................................................................................................................................... 33 Secrets Keeper hardware and software requierments

................................................................................................................................... 34 Supported key storage and biometric devices

Part IV Installation of Secrets Keeper 5

................................................................................................................................... 51 Installing of Secrets Keeper

................................................................................................................................... 122 Updating of Secrets Keeper

................................................................................................................................... 153 Uninstalling of Secrets Keeper

Part V Using Secrets Keeper 16

................................................................................................................................... 161 Starting the application

................................................................................................................................... 172 Configuring the application

................................................................................................................................... 173 Maintaining the Key

.......................................................................................................................................................... 18Controlling the file encryption password stored on the Key

.......................................................................................................................................................... 20Changing the PIN code

.......................................................................................................................................................... 22Unblocking the Key

.......................................................................................................................................................... 23Adding a BIO ID to the KSD

.......................................................................................................................................................... 25Changing the BIO ID

................................................................................................................................... 264 Encrypting files without using the Key

................................................................................................................................... 275 Decrypting files without using the Key

................................................................................................................................... 286 Encrypting files using the Key

................................................................................................................................... 297 Decrypting files using the Key

................................................................................................................................... 308 Using Drag'n'Drop to encrypt/decrypt files

................................................................................................................................... 309 Encrypting /decrypting files via the context menu

................................................................................................................................... 3010 Creating a Self-Extracting encrypted archive

................................................................................................................................... 3211 Using a Self-Extracting encrypted archive

................................................................................................................................... 3312 Secrets Keeper and MS Office

................................................................................................................................... 3413 Wiping files

................................................................................................................................... 3514 Getting information about Secrets Keeper

................................................................................................................................... 3615 Closing Secrets Keeper

Part VI Additional information 36

IIContents

II

© Dekart

................................................................................................................................... 361 Biometric authentication in Secrets Keeper

................................................................................................................................... 372 Registering Secrets Keeper

................................................................................................................................... 383 Troubleshooting

................................................................................................................................... 404 Specifications of common Keys (PIN, capacity)

Index 43

Secrets Keeper1

© Dekart

1 License and trademarks information

COPYRIGHTCopyright © Dekart SRL. All Rights Reserved. No part of this publication may bereproduced, transmitted, transcribed, stored in a retrieval system, or translated into anylanguage in any form or by any means without the written permission of Dekart SRL, or itssuppliers or affiliate companies.

DISCLAMERDekart SRL makes no representations or warranties with respect to the contents or use of thismanual, and specifically disclaims any express or implied warranties of merchantability orfitness for any particular purpose. Further, Dekart SRL reserved the right to revise thispublication and to make changes to its content, at any time, without any obligation to notifyany person or entity of such revisions or changes.

Further, Dekart SRL makes no representations or warranties with respect to any SecretsKeeper software, and specifically disclaims any express or implied warranties ofmerchantability or fitness for any particular purpose. Further, Dekart SRL reserved the right tomake changes to any and all parts of Secrets Keeper software, at any time, without anyobligation to notify any person or entity of such revisions or changes.

LICENSE AGREEMENTNOTICE TO ALL USERS: FOR THE SPECIFIC TERMS OF YOUR LICENSE TO USE THE SOFTWARETHAT THIS DOCUMENTATION DESCRIBES, CONSULT THE README.1ST, LICENSE.TXT, OROTHER LICENSE DOCUMENT THAT ACCOMPANIES YOUR SOFTWARE, EITHER AS A TEXT FILEOR AS PART OF THE SOFTWARE PACKAGING. IF YOU DO NOT AGREE TO ALL OF THE TERMSSET FORTH THEREIN, DO NOT INSTALL THE SOFTWARE.

DEKART SRL TRADEMARK ATTRIBUTIONSSecrets Keeper is a trademark of Dekart SRLAll other registered and unregistered trademarks in this document are the sole property oftheir respective owners.

DEKART SRL CONTACT INFORMATION

E-mail:for sales details: [email protected] product support: [email protected] comments and feedback: [email protected]

WWW: www.dekart.com

2 Glossary

Secrets Keeper (SK) – the name of the program.

Key, KSD (Key Storage Device) – a removable device on which information needed to

mailto:[email protected]



http://www.dekart.com

Glossary 2

© Dekart

decrypt and access your encrypted data is stored. A KSD can be a smart card, a USB token, aUSB flash drive, a memory card, etc.. The KSD can be secured with a PIN code, but it canwork without a PIN too.

PIN (Personal Identification Number) – a number which must be provided in order toaccess the contents of the KSD. The PIN can be 1 to 8 characters long and must be keptsecret.

BIO ID – a biometric ID that holds information about the unique features of your body (ex:fingerprint or iris). The size of the BIO ID is variable, in average it takes from 600 bytes (afingerprint) to 30 Kbytes (voice recording).

Biometric authentication - authentication based on the verification of specific physicalcharacteristics of the user (ex: fingerprints, iris, voice) by means of special biometricequipment.

Two-factor authentication – a process controlling the authenticity of the user's identity onthe basis of the following factors: "Something You Have – for example, the KSD device" and"Something You Know — for example, the user name and password, or the PIN-code".

Three-factor authentication – a process controlling the authenticity of the user's identity onthe basis of the following three factors: "Something You Have – for example, the KSD","Something You Know — for example, the PIN code", "Something You are – for example,your BIO ID".

3 Introducing Secrets Keeper

3.1 Secrets Keeper purpose and features

Secrets Keeper is a software solution that protects your files from unauthorized access byapplying encryption and three-factor authentication. Two of Secrets Keeper's key-advantagesare its ease of use and strong cryptographic mechanisms.

Secrets Keeper’s security principles1. Secrets Keeper’s security relies on the use of a PIN-protected Key, which contains your

BIO-ID and the information necessary to access your files. Therefore, you do not have tomemorize a complex password; while three-factor authentication minimizes the risk ofunauthorized access in case the Key is lost or stolen.

2. If the PIN is entered incorrectly a certain number of times, the Key is blocked. Note: thisnumber depends on the type of the Key, usually it is between 3 and 10 attempts (seeAppendix for more info).

Secrets Keeper’s essential advantages

Secrets Keeper3

© Dekart

1. Ease of use – no need to memorize and enter the password each time you need to accessyour files. In addition, the program has a built-in wiping feature, which allows you tosecurely erase a file from a disk, thus making its recovery impossible.

2. Mobility – self-extracting archives can be created and easily transferred to any computer,making data exchange via email or removable drives much more secure.

3. Integration – the “Encrypt file” and “Decrypt file” buttons are automatically added to theMS Office application toolbar (in Word, Excel and PowerPoint).

4. Multiple Functionality – the Key can be used with SK, as well as with other applications,such as Dekart Logon or Dekart Private Disk Multifactor.

3.2 Secrets Keeper product's components

The product consists of software modules and a Key which ‘opens’ the encrypted files. Thisguide is included too.

3.3 Secrets Keeper hardware and software requierments

Hardware requirements PC with at least one available port (COM, USB, etc. ) for the Key.

If a smart card is used as a Key, a PC/SC-compliant smart card reader is required.

If three-factor authentication is used, a biometric device, such as BioLink U-Match Mouseis needed.

Software requirements Windows 95, 98, NT4.0, 2000, ME, XP.

Driver for the Key.

Driver for the biometric device.

3.4 Supported key storage and biometric devices

Secrets Keeper supports the following devices:

Key Storage Devices:· ACOS1 card;· ActivCard ActivKey USB token series;· Aladdin eToken R2 USB token series;· Aladdin eToken PRO USB token series;· Algorithmic Research MiniKey USB token series;· Algorithmic Research PrivateCard smart card series;

Introducing Secrets Keeper 4

© Dekart

· Datakey Model 310 smart card series;· Datakey Model 330 smart card series;· Eutron CryptoIdentity ITSEC USB token series; · Eutron CryptoIdentity 4 USB token series;· Eutron CryptoIdentity 5 USB token series; · GemPlus GPK smart card series; · GemPlus MPCOS EMV smart card series; · Giesecke & Devrient STARCOS S smart card series;· Giesecke & Devrient STARCOS SPK smart card series; · Rainbow iKey 1000 USB token series; · Rainbow iKey 2000 USB token series; · Rainbow iKey 3000 USB token series;· Schlumberger Cryptoflex smart card series; · Schlumberger Multiflex smart card series; · Schlumberger Payflex smart card series; · Siemens CardOS M 4 smart card series· ruToken USB token series; · USB flash drives, CD disks, etc.; · Any memory storage device detected as a removable disk.

Smart card readers: Secrets Keeper uses virtually all PC/CS compatible smart card readers, for example: · Datakey DKR smart card reader series · GemPlus GemPC smart card reader series · OmniKey CardMan smart card reader series · Schlumberger Reflex smart card reader series · Towitoko CHIPDRIVE smart card reader series

Biometric verification devices:Dekart Software uses most types of BioAPI and HA API compatible biometric verificationdevices, for example: · Precise Biometrics Precise 100 fingerprint and smart card reader series · SCM SCR222 fingerprint reader · BioLink U-Match MatchBook · BioLink U-Match Mouse

A complete list of supported devices is available at:http://www.dekart.com/products/supported_devices/

Note 1. Before you purchase a USB token or a smart card, please make sure that it hasenough memory to store the required user information. Please, take into account that apart of the KSD's memory may be allocated to other data, e.g. BIO ID. You can find thefree space available on the card or token, as well as delete or backup data using Dekart KeyManager; for more details, see:http://www.dekart.com/products/card_management/key_manager/

http://www.dekart.com/products/card_management/key_manager/

Secrets Keeper5

© Dekart

Note 2. The KSDs shipped by Dekart are not PIN-protected, you will be prompted to set aPIN when you launch the application for the first time.

4 Installation of Secrets Keeper

Installing; Updating; Uninstalling.

4.1 Installing of Secrets Keeper

1. Make sure that all your applications are closed before you attempt to install SecretsKeeper.

2. If three-factor authentication will be used, the drivers of the biometric device must beinstalled. Note: if biometry-enabled applications were not previously used on yourcomputer, you have to install the BioAPI Framework, available at www.bioapi.org, theImplementation section).

3. To start the installation process, launch SecKeeper.exe.

4. Read the information on the welcome screen, and then press Next.

Installation of Secrets Keeper 6

© Dekart

5. You have to agree with the terms of the license agreement in order to continue theinstallation process.

Secrets Keeper7

© Dekart

6. In the next step, provide information about yourself and type in the registration number ofthe product.


© Dekart

7. Then indicate the folder in which Secrets Keeper will be installed.

Secrets Keeper9

© Dekart

8. Indicate the folder of the Start Menu in which Secrets Keeper’s shortcuts will be added.


© Dekart

9. Check the additional options as necessary (place a shortcut on the Desktop, display theReadMe file, automatically launch the application) and press Next.

Secrets Keeper11

© Dekart

10. Press Finish to finalize the installation process.


© Dekart

After that the program will copy its files to your system and complete the installation process.

4.2 Updating of Secrets Keeper

1. If the installation program is launched again, it will automatically detect the currentlyinstalled version of Secrets Keeper and collect all the data necessary to perform theupdate.

Secrets Keeper13

© Dekart

2. To continue the process press Next. This will display the license agreement which youneed to accept in order to proceed.

3. When all the necessary information is collected, press Next.


© Dekart

4. Press Finish to complete the process.

Secrets Keeper15

© Dekart

Afterwards, the program will update the existing files, or add the new ones if necessary.

Note. You need to restart your computer after updating Secrets Keeper.

4.3 Uninstalling of Secrets Keeper

Follow these steps if you wish to uninstall the product:

1. Go to Start Menu \ Programs, select the folder you chose at step 8 when installing theprogram (see Installing Secrets Keeper), then choose Uninstall. An alternative way is togo to Control Panel \ Add or Remove Programs, choose Secrets Keeper and pressUninstall). The following window will appear on the screen:


© Dekart

2. To confirm your decision, press Yes..

3. After successful completion of the de-installation process, you will see the followingmessage:

5 Using Secrets Keeper

Below is a list of Secrets Keeper’s functions:

Secrets Keeper configuration.

Key maintenance.

Encrypting / decrypting files without the Key.

Encrypting / decrypting files with the Key.

Encrypting / decrypting files from within MS Office applications.

Using Drag'n'Drop to encrypt / decrypt files.

Encrypting / decrypting files via the context menu.

Creating a Self-Extracting encrypted archive.

Wiping files .

Note. If the Key is PIN-protected and (or) if it contains a BIO-ID, the program will askyou to perform two- or three-factor authentication prior to performing any operationwhich requires the Key (encrypt / decrypt with the Key, change Key options, etc.)

5.1 Starting the application

The program can be started in one of the following ways:

· Go to Start Menu \ Programs, select the folder you chose at step 8 when installingthe program (see Installing Secrets Keeper), then run the program.

· In Windows Explorer, open the folder indicated at step 7 of the installation process(see Installing Secrets Keeper), then run the program.

The application’s window will appear on the screen.

Secrets Keeper17

© Dekart

5.2 Configuring the application

We recommend you to configure the application after you start it for the first time, you can dothat by pressing Options… . The following window will appear on the screen:.

Below are Secrets Keeper’s options (check to enable, un-check to disable):1. Associate the <.skf> extension with Secrets Keeper.

2. Automatically decrypt a <.skf> file when it is double-clicked then run the applicationassociated with the decrypted file.

3. Use the Key to access encrypted files.

4. Automatically check if a newer version is available.

5. Compress the file before encrypting it.

6. Delete files after encryption. Note: We advise you to enable this option, to avoidaccidental data leaks. .

5.3 Maintaining the Key

To use the Key when encrypting files, enable Use Key in the Options… menu. From thismoment on, the program’s main window will look like this:

Using Secrets Keeper 18

© Dekart

If you wish to change some of the Key’s parameters, connect the Key and press Key.

The following options are available:

Add or change password.

Remove password. Add or change PIN.

Unblock Key.

Add or change BIO-ID.

Note. If the Key is PIN-protected and (or) if it contains a BIO-ID, the program will askyou to perform two- or three-factor authentication prior to performing any operationwhich requires the Key (encrypt / decrypt with the Key, change Key options, etc.)

5.3.1 Controlling the file encryption password stored on the Key

Enabling Use Key allows you to add, change or remove the Key’s encryption password.

Changing the password.

To add a password or change an existing one, press Key \ Password, and enter the newpassword in the appearing window. The password’s strength (i.e. cryptographic complexity) isautomatically shown in the Password quality field.

Note. The password can be 1 to 64 characters long, it may contain letters, digits, andspecial characters.

Secrets Keeper19

© Dekart

To create a cryptographically strong password, use the Create password function. In this casea random set of characters will be generated and used as a password.

To store the new password on the Key, press Store password. Note that after creating a newpassword, you will be unable to decrypt the documents that were encrypted with the oldpassword. The program will notify you about the consequences of changing a password andask you to confirm your decision.


© Dekart

To complete the operation, press Yes.

Deleting the password

To delete the password from the Key, press Key \ Delete password. Note that after deletingthe password, you will be unable to decrypt the documents that were encrypted with it. Theprogram will notify you about the consequences of deleting a password and ask you toconfirm your decision.

To complete the operation, press Yes.

5.3.2 Changing the PIN code

To add a PIN to your Key or change an existing one, perform the following operations:

1. Start the application (follow the steps given in the Starting the application section).

2. Press Key \ Change PIN. The Change PIN window will appear on the screen.

Secrets Keeper21

© Dekart

3. Enter your new PIN in the PIN field, and then enter it again in the Confirm field. Tofinish, press OK.

Note. The PIN can be 1 to 8 characters long.

4. If you do not wish to use a PIN code, uncheck Enable PIN and press OK. Note: we do notadvise you to leave the PIN empty, especially if you use a USB flash disk as a Key. Inthis case, others will be able to make copies and use the Key without your consent.


© Dekart

The following window appears on the screen if the operation is successfully complete.

5.3.3 Unblocking the Key

If the PIN was incorrectly entered more than once, the Key will be blocked. To unblock theKey, press Key \ Unblock Key… . The Unblocking the Key window will appear on the screen:

Enter your PIN in the Enter PIN field and press OK.

If the entered PIN is incorrect, the Key will be permanently blocked.

(Does not apply to flash-memory based keys)

The following window will appear on the screen if the operation is successful:

Note. The Appendix provides a list of Keys and their maximum number of PIN-entering

Secrets Keeper23

© Dekart

attempts.

5.3.4 Adding a BIO ID to the KSD

If you wish to switch from two-factor authentication to three-factor authentication, abiometric ID has to be assigned to the Key.

Note. When choosing a biometric device, consider your intrinsic physical traits (ex: certainfingerprint scanners will not work if the skin is too dry). Keep in mind that theenvironment has a major impact on voice-recognition; therefore the position of yourcomputer is important.

To add a BIO ID, follow these steps.

1. Press Key \ Change BIO ID in the program’s main menu. A list of available biometricdevices will appear on the screen.

2. Check the Enable Biometric ID verification checkbox and choose the preferred devicefrom the list.

3. If a fingerprint scanner is chosen, ex: Bio-Link U-Match, you will be asked to press yourfinger against the scanner several times. When the necessary information is gathered, itwill be saved to the Key.


© Dekart

If you choose a voice recognition device, such as SAFLINK Scan-Soft Voice Verification,you will be asked to pronounce a key-phrase. As in the previous case, the BIO ID is stored onthe KSD once it is collected.

Secrets Keeper25

© Dekart

5.3.5 Changing the BIO ID

To change the biometric ID, follow these steps.

1. Launch the application (according to the instructions given in the Starting the applicationsection).

2. Press Key \ Change BIO ID. The Change Biometric ID window will appear on the screen(see. Adding a BIO ID).

3. Choose the currently active biometric device from the list.

4. As in the case of adding a BIO ID, depending on the biometric device you choose, youwill be asked to perform a certain action (ex: pronounce a phrase, press your finger againstthe scanner, etc). When the process is done, the BIO ID is saved on the Key.

Note. If you wish to disable biometric authentication, uncheck "Enable Biometric IDverification" in the Change Biometric ID window.


© Dekart

5.4 Encrypting files without using the Key

If you wish to encrypt files without a Key, follow the steps below:


2. Press File \ Encrypt file(s)… .

3. The Select file(s) to encrypt dialog will appear on the screen. Type the name of the file(s)you wish to encrypt in the File name field. You can also use your mouse to select a file.Selecting multiple files can be done by holding Ctrl and clicking on them

1. Enter your password in the Password field, and then confirm it by typing it again in theConfirm field. Note. The password can be 1 to 64 characters long.

Secrets Keeper27

© Dekart

2. Press Open to complete the operation.

Once the operation is successfully complete, the original files will be replaced with theirencrypted versions, which have the <.skf> extension.

Note. If Wipe file(s) after encryption is enabled, the original files will be deleted afterencryption. Otherwise, if the option is disabled, the original (unencrypted) files will be leftintact.

5.5 Decrypting files without using the Key

If you wish to decrypt files without a key, follow the steps below:


2. Press File \ Decrypt file(s)… . The Select file(s) to decrypt dialog will appear on thescreen.

3. Enter the name(s) of the file(s) you wish to decrypt in the File name field.

4. Enter the decryption password in the Password field.

5. Press Open to continue the operation.

Once the operation is successfully complete, the decrypted files will appear in the samefolder.


© Dekart

5.6 Encrypting files using the Key

Follow these steps in order to encrypt a file:


2. Connect the Key to the computer.

3. If an encryption password is not yet stored on the Key, one should be added (see.Controlling the file encryption password stored on the Key).

4. Press File \ Encrypt file(s)… .

5. If the Key is PIN-protected, or if it was previously assigned a biometric ID, the programwill ask you to go through the two- or three-factor authentication procedure.

6. The Select file(s) to encrypt dialog will appear once authentication is successfullycomplete.

7. Type the name of the file(s) you wish to encrypt in the File name field. Selecting multiplefiles can be done by holding Ctrl and clicking on them


Once the operation is successfully complete, the original files will be replaced with theirencrypted versions, which have the <.skf> extension.

Secrets Keeper29

© Dekart

Note. If an encryption password is not stored on the Key, the program will notify you aboutthat and automatically switch to the Encrypting files without using the Key mode.

Note. If Wipe file(s) after encryption is enabled, the original files will be deleted afterencryption. Otherwise, if the option is disabled, the original (unencrypted) files will be leftintact.

5.7 Decrypting files using the Key

To decrypt files using the Key, follow these steps.


2. Connect the Key to the computer.

3. Press File \ Decrypt file(s)… .

4. If the Key is PIN-protected, or if it was previously assigned a biometric ID, the programwill ask you to go through the two- or three-factor authentication procedure.

5. The Select file(s) to decrypt dialog will appear once authentication is successfullycomplete.

6. Type the name of the file(s) you wish to decrypt in the File name field. Selecting multiplefiles can be done by holding Ctrl and clicking on them.



© Dekart

Once the operation is successfully complete, the decrypted files will appear in the samefolder.

Note. If an encryption password is not stored on the Key, the program will notify you aboutthat and automatically switch to the Decrypting files without using the Key mode.

5.8 Using Drag'n'Drop to encrypt/decrypt files

You can encrypt or decrypt a file via the Drag'n'Drop mechanism. To do that, click on aninitial or encrypted file with your mouse and drag it onto Secrets Keeper's window or SecretsKeeper's shortcut or Secrets Keeper's icon. When the file is dropped, theencryption/decryption procedure will be activated.

5.9 Encrypting /decrypting files via the context menu

Secrets Keeper allows you to encrypt and decrypt files via the context menu. You can do thatby right-clicking any file and choosing the appropriate option from the menu. If the file isencrypted, press Decrypt (by Secrets Keeper) to decrypt it; otherwise, press Encrypt (bySecrets Keeper) to encrypt it. The encryption \ decryption will be done using the program’scurrent settings (with, or without a key).

5.10 Creating a Self-Extracting encrypted archive

Follow these steps if you wish to create a self-extracting encrypted archive:


2. If you wish to use a Key to access the archive, connect it to the computer. Note that if theKey is PIN-protected, or if a BIO-ID is assigned to it, the program will also guide youthrough the two- or three-factor authentication process once you reach step 7.

3. Press File \ Create a Self-Extracting encrypted archive or the ЕХЕ button located in theprogram’s main window. The Create a Self-Extracting encrypted archive window willappear on the screen.

Secrets Keeper31

© Dekart

4. Enter the full path and name of the self-extracting archive you plan to create in theArchive Name field.

5. Enter the full path and full name of the file(s) you wish to be included in the encryptedarchive in the Added files field. Note. The file names your entered should be enclosed indouble quotation marks, and they must to be separated by spaces. Example:"C:\Documents\Work\table.dat" "D:\Files and Settings\storage.inf".An alternative wayto add the files is to press the Add Files button and use the visual dialog.

6. Choose the file(s), and press Open. Selecting multiple files can be done by holding Ctrland clicking on them. The chosen files will be automatically added to the Added filesfield.

7. Press Create.

8. If the program is configured not to use a Key when encrypting files, you will be asked toenter the encryption password. Then press ОК.


© Dekart

Note: make sure that the extension of the self-extracting encrypted archive is <.exe> beforeattempting to launch it; although it can be changed to any other extension duringtransportation (ex: when the file is sent via email)

5.11 Using a Self-Extracting encrypted archive

To extract files from a self-extracting encrypted archive, follow these steps:

1. Start the EXE-file previously created by Secrets Keeper.

2. If a Key was used to create the archive, connect it to the computer and go through the two-or three-factor authentication process (depending on whether the Key is PIN-protected, orif a BIO-ID is assigned to it). If a Key was not used during the encryption process, theprogram will ask you to enter the decryption password.

3. The Self-extracting SecKeeper archive window will appear on the screen. Press Browse to choose the directory in which the files will be extracted.

Secrets Keeper33

© Dekart

4. Press Extract.

Note: make sure that the extension of the self-extracting encrypted archive is <.exe> beforeattempting to launch it; although it can be changed to any other extension duringtransportation (ex: when the file is sent via email).

5.12 Secrets Keeper and MS Office

Once Secrets Keeper is installed, you will see a new set of buttons in the toolbars of MSOffice applications, such as Word, Excel or PowerPoint. The buttons are “Save document asencrypted”, and “Decrypt and open document”; they allow you to use Secrets Keeper directlyfrom MS Office.

When pressing one of these buttons, you will be asked to indicate the file you wish to encryptor decrypt.


© Dekart

Depending on the program’s configuration (if it uses a Key to encrypt files or only apassword), you will be asked to connect the Key and perform the authentication process orenter your password. Afterwards the encryption/decryption operation will be executed.

5.13 Wiping files

Secrets Keeper can securely erase any file, by filling its contents with random data beforedeleting it.

To securely erase a file, follow these steps:


2. Press File \ Wipe file(s)… .

3. The Select file(s) to wipe dialog will appear on the screen. Type the name of the file(s)you wish to erase in the File name field. You can also use your mouse to select a file;selecting multiple files can be done by holding Ctrl and clicking on them

Secrets Keeper35

© Dekart

4. Press Open to complete the operation.

5.14 Getting information about Secrets Keeper

To obtain product-related information, press Help \ About.

The About Secrets Keeper window will appear on the screen.


© Dekart

If the program is not registered, the window will look like the one shown in the RegisteringSecrets Keeper section.

5.15 Closing Secrets Keeper

To quit Secrets Keeper, press File \ Exit or close the program’s main window.

6 Additional information

6.1 Biometric authentication in Secrets Keeper

If three-factor authentication is used (i.e. Enable Biometric ID verification in the ChangeBiometric ID window is checked), Secrets Keeper will ask you to enter the PIN-code andperform the biometric authentication. Depending on the biometric device you have, you willbe asked to perform a certain action (ex: pronounce a phrase, press your finger against thescanner, etc). If the obtained biometric data do not match the BIO-ID stored on the Key, theprogram will ask you to go through the biometric authentication process again.

Therefore, a person that possesses the Key is unable to use it unless their biometric featuresare the correct ones.

Secrets Keeper37

© Dekart

6.2 Registering Secrets Keeper

To register the application, enter your registration information in the fields of the AboutSecrets Keeper window.

If the trial period has expired, and the program is still not registered, the registration form willbe shown when the application starts.

Additional information 38

© Dekart

After entering the registration information, Secrets Keeper will continue to work; otherwiseyou will not be able to use the program anymore.

If you use a trial version of the program, please, use the Dekart Buy on-line page to purchase aregistration number. After your transaction is processed, you will receive an email with theregistration number. If you use a licensed version of the program, you can obtain a registrationnumber at the Software Registration (Register) page at www.dekart.com.

6.3 Troubleshooting

Error messages

Message Possible cause Possible solution

https://inside.dekart.com/register/

https://inside.dekart.com/register/

http://www.dekart.com

Secrets Keeper39

© Dekart

ATTENTION! Bad PINcode was entered!

An incorrect PIN was entered. Repeat the operation,making sure that a valid PINis provided.

Attention! By entering aninvalid PIN multiple timesyou can block the Key!

A list of Keys and theirmaximum number ofinvalid PIN entries isprovided in Specificationsof common Keys (PIN,capacity).

Key is blocked The Key is blocked. To unblock the Key pressKey \ Unblock Key

Attention! If an invalidPIN will be providedduring the unblockprocedure, the Key will bepermanently blocked!

KSD is not blocked yet The Key is not blocked yet There is no need to unblockthe Key as it is not blocked.

Confirm PIN does notmatch the original PIN

The entered PIN doesn’t matchthe PIN provided in theConfirm field.

Repeat the operation,making sure that the PIN inthe Confirm field matchesthe original PIN.

The PIN should be atleast 4 symbols long

The entered PIN is less than 4characters long.

Repeat the operation byentering a longer PIN.

Error while processingthe Key.

An error occurred whilewriting the password tothe Key!

An error occurred whileprocessing the Key

Try to perform the operationagain. If the problempersists, contact Dekart’stechnical support team.

Error while writing datato the KSD (Not enoughfree space on the KSD)

An error occurred whenattempting to write data to theKey, most likely there is notenough free space.

Make sure there is enoughfree space on the Key. Oneway to do that is to useDekart KeyManager.


© Dekart

An error occurred whilecreating the password!

An error occurred whilechanging the password!

An error occurred whencreating or changing thepassword.

Try to perform the operationagain. If the problempersists, contact Dekart’stechnical support team.

The Key does notcontain a passwordrequired for theencryption process!

The Key does notcontain a passwordrequired for thedecryption process!

The connected Key does notcontain a password.

Connect a Key whichcontains a password andrepeat the operation, orassign a password to theKey by pressing Key \Password… .

An error occurred whilereading the source file!

An error occurred whileopening the destinationfile!

An error occurred whileprocessing a file.

Check whether there are anyapplications which areaccessing the file. It is alsopossible that the file iscorrupt.

You are trying todecrypt a file that is nota <.skf> file!

The file you attempt to decryptis not a Secrets Keeperencrypted file.

Secrets Keeper can onlydecrypt files it haspreviously encrypted.

The password youentered is incorrect forthe given file

The provided password isincorrect.

Enter a valid password.

Biometric verificationfailed!

The computed BIO-ID doesnot match the one stored on theKey.

Go through the biometricauthentication procedureagain.

Note. If any other error message occurs, contact Dekart’s technical support team:http://www.dekart.com/support/howto/howto-contact-us/ .

6.4 Specifications of common Keys (PIN, capacity)

Key nameHardware PIN /Dekart software

PIN

Number ofincorrect PIN

input attempts

Number of PINunblockattempts

Maximumamount ofavailable

memory (kB)

Aladdin eToken PRO

Dekart softwarePIN

3 3 16, 32, 64

Secrets Keeper41

© Dekart

Aladdin eToken R2

Hardware PIN ∞ - 16, 32, 64

SchlumbergerMultiflex

Dekart softwarePIN

3 3 4, 8

SchlumbergerCryptoflex

Dekart softwarePIN

3 3 8, 16

SchlumbergerPayflex

Dekart softwarePIN

3 3 4

Rainbow iKey 1000

Hardware PIN 3 3 8, 32

Rainbow iKey 2000


Rainbow iKey 2032


Rainbow iKey 3000

Dekart softwarePIN

3 3 32

Eutron CryptoIdentityITSEC

Dekart softwarePIN

3 3 32

Eutron CryptoIdentity4

Dekart softwarePIN

3 3 8

Eutron CryptoIdentity5

Dekart softwarePIN

3 3 32, 64

Datakey Model310


Datakey Model330


GemPlus GPKDekart software

PIN3 3 2, 4, 8, 16

ruToken Hardware PIN 3 12 8, 16, 128

Note 1. A KSD can have a separate PIN for Dekart applications, or single a PIN for Dekartapplications and the device itself.


© Dekart

Note 2. Most of the KSDs have a limited number of invalid PIN entries. If this number isreached the KSD is blocked. If a valid PIN is provided during the unblocking procedure theKey can be used again, otherwise it will be permanently blocked.

Secrets Keeper43

© Dekart

Index- A -About the software 35

Authentication

biometric authentication 1, 36

three-factor authentication 1, 36

two-factor authentication 1

- B -BIO ID 1, 2, 36

add 23

change 25

biometric 2

Biometric ID 36

- C -Changing the parameters of a Key

add / chande / delete BIO ID 17

add / chande / delete password 17

add / chande PIN 17

unblock Key 17

Closing 36

Configuring the application 17

Controlling the password

add 18

change 18

delete 18

- D -Decrypting files

extract files from a self-extracting archive 32

in the toolbars of MS Office applications 33

in the toolbars of Word, Excel, Powerpoint 33

using a self-extracting archive 32

using Drag'n'Drop 30

using the Key 29

via the context menu 30

without using the Key 27

Dekart contact information 1

Dekart’s technical support 38

Drag and Drop 30

- E -Encrypting files

creating a self-exctracting archive 30

in the toolbars of MS Office applications 33

in the toolbars of Word, Excel, PowerPoint 33

using Drag'n'Drop 30

using the Key 28

via the context menu 30

without using the Key 26

Error messages 38

Exit 36

- G -Glossary 1

- I -Installation 5

Installing Secrets Keeper 5

- K -Key 1

Key Storage Device 1

Key 1

KSD 1

KSD 1

- L -Launch application 16

License 1

- M -Memory 40

- P -Password

Index 44

© Dekart

Password

cryptographically strong 18

quality 18

Personal Identification Number 1, 2

PIN 1, 2

PIN code 40

change 20

unblock 22

- R -Registration 37

Requirerments

hardware 3

software 3

- S -Secrets Keeper

essential advantages 2

functions 16

security principles 2

Secrets Keeper's options

<.skf> file extension 17

check for updates 17

compress the file before encrypting 17

use the Key to access encrypted files 17

Securely delete files 34

Securely erase files 34

Smart card 40

Supported devices

biometric devices 3

key storage devices 3

- T -Token 40

- U -Unblock Key 22

Uninstalling Secrets Keeper 15

Update Secrets Keeper 12

- W -Wipe files 34