Blog

2023 - Who is behind the company?

Who is behind the company?

To be honest, the company has no employees, there is not enough money to pay for a salary. We have been blocked to get customers and to be successful. We tried everything we could and now, it's time to release important information. There is 1 person behind it who wrote the app and maintain it, it’s me and my name is Patrick Tardif. I am US citizen and born in Québec, Canada so my first language is French. You might find few typos and some incorrect grammar below; I would normally fix them using a tool but not this time. So, if you are looking for perfect English, this blog is not for you. This is me and the raw information without any edit.

But before I start, I have to mention that I do not have a secret clearance of any kind and never worked and/or access secrets or information classified as such. Every job, contracts or locations did not require any clearance. The information was available to anyone. This is not a tv script or a fake story, everything here is real. Nothing has been exaggerated or enhanced to make the facts look worst or better.

Let's start...

I survived a virus unknown by man-kind back in 1978 and I had all the symptoms of Covid-19 except the virus at the time was not contagious. I was hospitalized at the Hôtel-Dieu d’Arthabaska (HDA) (Hôpital), Québec, Canada for 2 weeks.

I also survived many assassinations attempts through the years and I will mention some here in this blog. This blog is not about my personal life story but about why I started this company and what drive me to create this app. But before I go ahead and go straight to the point, I need to mention few life events that are worth mentioning and milestones to push me to create this company.

The past 25 years, I was a software developer doing contracts for many companies in North California from big to small companies. My main focus was architecture, scalability and security. Most software and applications were not written to be scalable and with security in mind and I was helping them to fix the gap. 

2006
My company, TierSolution, was hired by Peak Sleep, a medical company located in the Bay area to help them design a system to match medical conditions with their devices in 2006. This was my first official encounter. I was working with Kim and she was in charge of the project. We provided an entire infrastructure during the implementation which include issue tracker, staging servers, emails, documentation, etc. Today this is common for every developer so I have to point out the cloud did not exist at the time. The project went well for about 60% of the implementation. We did not know that Kim was planning to launch our incomplete solution earlier to get her bonus. Everything was in the issue tracker; it was clear where things were at including the priorities of every tasks. One day, Kim got an allergic reaction caused by one of many UI pages we created because 1 item in 1 row was 1 pixel off and not perfectly aligned. I pointed out to Kim that this issue is already in the issue tracker and will be fix but set at low priority. She decided to cancel the project. This was my second time; I experienced a contract termination based on nothing of reason. This was also one of the first time I wonder who the fuck am I dealing with and somehow a wake-up moment. What happened to the project after we got fired is worth mentioning. They hire a company and they had to pay all their cost upfront, not like our net 30 agreement and their servers crashed and they lost all their data. We then were hired back by that contractor company to help them finish the project. We did and the project was successful. Kim did not know about this or at least could not say she knew.

I want to mention another important point while working for them. They invited us to a meeting about a potential new project and the subject was about Medicare. The meeting was about creating a project to maximize profit using Medicare patients and how to increase their product pricing for them. We were not interested for obvious reason and we don't know if they implemented this system or not. This was before the allergic reaction and could have been the real reason to terminate us.

StoryOfMyLife.com, 2007
After I did this project for Peak Sleep, I was certainly tire to be a contractor and wanted to at least try to get a product or a website people wants so that I can focus on my own solutions. I decided to create my own social network with my partner and it was named StoryOfMyLife.com. We tried to raise capital and meet many VCs in 2007 and 2008 and one of them was very interested to invest and we had multiple meetings until the last one in 2008. When we arrived at their office, the newspaper front page was all about their bank going “caput” in France. That was it. Then the financial collapse occurred several weeks later. At the same time, Twitter was able to raise their capital, another sign something seriously wrong was going on. We decided to continue hosting our social network because of important blog posts that triggered something a lot worst that I am going to talk about here.

Assassination attempt/broken leg, 2008
I am a hockey player and played all my life and been in California did not stop me to continue the sport. I played many years in an adult league in Dublin, California. It's a league that I was member of and also a league that accept walk-ins. Basically, if you want to play, you show up and if there is a member not playing that day, you can take their spot. The league accepts female players as well but I believe only male were member, probably because of the ratio 98-2%. Anyhow, one day, a walk-in showed up and asked me if I wanted water but instead of asking politely, he threw the water in my face. I said no and I was irritated while seeing a smile in his face. I got weak several minutes later and felt that something odd was happening while I was on the ice. Someone passed me the puck and I rotated 180 degrees but for some reason one of my skate did not and I broke my leg. I felt on the ice and did not know what was happening for few seconds until I realized I broke one of my legs. They called an ambulance and 2 members helped me out, Dr. X and Alex.

Salt Lake City, 2008
I had my own social network but not able to raise any capital for it and needed to pay the bills so I had to continue as a contractor and get projects. That was a tough time since I was walking with crutches. This was a little bit before the financial collapse but the economy started to show sign of downturn. For some reason, it was difficult to find a project in the Bay Area and I started to look elsewhere. I found a project in Salt Lake City and worked for a company named Veracity. I was hired as the main architect for one of their projects but on my first day after traveling half the country on my broken leg, they changed their mind. They kept their architects for my disappointment. I should have walked away but did not. This was a painful time; they unkindly require me to be onsite every Monday at 8AM for their weekly meeting while the agreement of the contract was remote. This is one of these, I asked myself, who the fuck are these people?

Theory, blog posted at StoryOfMyLife.com, 2009
I am a mechanical engineer but worked as a software developer most of my life but at the end of the day, I still have interest in certain subjects like physics and thermodynamics. I have to maintain a social network and trying to find things to talk about so one day I decided to put some of my thoughts on my personal blog in StoryOfMyLife.com. I wrote about consciousness and its possibilities to be directly link to entropy; a blog mixing physics with philosophy. This was not a big deal for me, but I was apparently wrong. One day, my neighbor showed up and she started talking about her brother working at Lawrence Livermore lab where Stephen Hawkings is hire time to time for contract work and she mentioned that he saw my blog post and made a very short comment. I asked her what was the comment and she said "a great mind is born" and she said that my theory was unfinished, need a lot more work. That was a "wow" moment and I certainly did not know the impact this was going to do. I put more thoughts into this the following months and posted more blog entries and one of which I am talking about later in this blog.

Nasa, 2009
I was excited to go to the annual NASA Small Business Conference in 2009 and I was hoping to meet interesting people and partners. I met many but mostly small companies figuring things out and few hiccups. I met the main people in charge of the conference and the main speaker of the event and drank beers at the main bar with him. He mentioned that NASA does not do business with small companies less than 100 employees. Since I can count how many people work for my company using the fingers on one of my hands, I asked him "why am I here for then?". I had fun but at the end of the day, this was a waste of time for me and every company showing up at these events. They never hire any companies showing up at these events in their history. Another moment I asked myself, WTF.

The Experiment, 2009
After meeting some people working at NASA, I started to pay more attention to what they do. Then later in 2009, they published results of a failed experiment using a top technical advanced drone they have. They tried to replicate an experiment done in the 60s but using more precise atomic clocks testing relativity. The idea of relativity is that the clock should slow down when moving relative to an identical one not moving or static. The results they obtained were unexplainable because the clocks time were identical. I took that experiment and made it my own and published a new blog adding more meat to the original blog I posted about consciousness. Basically, if there is consciousness involved there will be relativity, when not, there won't. Since I had to shut down StoryOfMyLife.com, and my blog posts were going to be unavailable, I decided to publish a paper combining all my thoughts from these blogs into 1 document and uploaded it in viXra.org (https://vixra.org/abs/1401.0220). I was not able to publish it in arXiv.org where most important papers are published, I had to be sponsored by a physicist that has published something and did not know any. I did ask many to sponsor me, but they refused. Stephen Hawkings was completely absent from when he made his comment until his death. Today, this paper is one of the most downloaded papers. Another reason to use viXra over arXiv is because of the video capabilities which allowed me to illustrate my theory and it allow people’ comments. I am a visual person, and a theory should not go without it and also not without a small philosophical section explaining the why. Mathematic is a good thing but it's off the edge everywhere now. 

MD Anderson Cancer Research, 2011
I had to continue to work as a contractor and I found an interesting project for M.D. Anderson Cancer Research in Houston, Texas. They needed an architect and developer to implement Single-Sign-On technology to allow their partners to authenticate only once and be able to exchange information. Several years before Facebook Sign-On or Google Sign-On existed. They were one of the pioneer companies jumping in into the SSO space. The project went very well until I got my hand into a database of 1500 aliens from Orion. The database contains their locations and sensitive health data. I realized; this place is not an ordinary place to be. I also met someone claiming to be a CIA agent. This was my first official time I met with the CIA. At least, someone announcing themselves to be. While I was there, I met a top scientist with her 2 colleagues. She was not afraid to mention that they are from another planet and were impress about my theory posted on my blog in StoryOfMyLife.com. She mentioned that it was a huge discovery for them as well. She said that she asked the big "G" for their help to get their Teleportation technology working but they objected. They mentioned to her that this is something of high importance and it's something a specie have to discover naturally on their own and for many reasons without specifying them. I asked her for direction to the parking lot and for some reason she sent me in the wrong direction on purpose. Another WTF moment.  I had also many more WTF moments while traveling using South West from San Francisco to Houston, most of their flight attendants were not from here.

South West, 2011
I travelled from SFO to Houston about 50 times during my project at MD and I had a WTF moment in each single one of them. I will be mentioning only 2 in this blog but important. South West boarding process is a little bit different than most airlines; they don't assign you a seat and you can sit anywhere you want. It's just a question to board as early as possible to pick the best seat. One day, I was early and like everybody else, I like to be on the front. It's always the first seats to go. I sit in about the row #5 or so. That day, though, these front seats did not fill up even though there were at least 150 people in the plane. All the seat in my row where empty from my side of the aisle and the other side as well. The front rows were also empty. I noticed there was something unusual happening for sure. Then when almost everybody onboarded, a pretty girl sits in my row. I was sit on the windows seat so I assumed she was going to sit on the aisle and keep the middle seat empty. She did not and sit right beside me. I wondered what was going on. The plane took off and about 30 minutes in the air, the girl whispered "Do you want to fuck?". I did not say anything and was shocked. My instinct kicked in. I kept quiet. But I was excited, I have to admit, there was temptation and I had an erection but not apparent. The flight attendant smiled at the girl while walking from the back to the front and turn around and walked her way back and look at the guy behind my seat. I turned around so see what's up and noticed the guy making gesture using his fingers moving one of his fingers up. I could read the meaning and it's clear to me that meant he knew I had an erection. How? That's a good question. I asked myself, is he reading my mind? Nothing happened for 10 minutes. Then the flight attendant, came back from the back to the front and appeared to be irritated. She told the girl "Remember why you are here; you got a job to do!". Then she went pick up a blanket and throwed it to her and said "there you go, that might help". I stayed quiet for the entire trip and nothing happened. The girl was very uncomfortable as well. Somehow my instinct kicked in and I knew this was wrong, there is no way I was going to do something like this. I also learned from what I observed few flights earlier...

Few earlier flights before this event I just mentioned, something else happened and that I witnessed. I was sitting on the right side of the plane mostly in the back and I was sitting in the aisle seat, this time, the only option available. Then about 4 rows in front of me a lady stopped the flight attendant to tell her that she is noticing 2 persons having sex in the plane in several rows in the front. The flight attendant just told her to stay quiet and it was not a big deal. I heard and I was wondering and surprised by the answer from the flight attendant. Then a girl in the row in front of me, sit on the left side of the aisle and sit on the aisle seat said "He passed out! Oh my god.". Then 1 minute pass and again "He wants to do it again, oh my god!". And then "it's too strong, we got to turn it down". Then, she pointed a finger at me while talking to her colleague beside her and then said "We set this up that strong for him!". I realized something was off and realized there is some sort of technology involved to turn people on for sex and can be adjusted with different thresholds and I was a target. This was one of the big pieces of puzzle that I haven't quite put together, at the time, yet.

Bin Laden, 2011
Back at the beginning of 2011 before MD Anderson, someone came to me, asking for my help. She asked if I could help finding Bin Laden even though she knew I never left North America. I provided enough information that directly linked him to the correct location and they found him there. I found that out many months later, though, because everything was done in secrecy and conversations were subtle. While all the actions were happening, I was still working at M.D. Anderson. Finding out that he got killed was a disappointment for me. This was, in a way, good news, because million could move on and we all could turn the page but killing him was not one of my personal options. First, the news is not always true, there is always a slight chance everything you heard is untrue. I believe, still today, he should have faced a fair trial and we could have possibly found out more information. We would have at least seen him and what happened to his corpse is too much unknown.

Lawrence Livermore Lab, 2011
Dr. X who is member of my hockey league in Dublin, California is a high scientist who work for Lawrence Livermore Lab and was at the time, a high rank scientist working on the Nuclear Fusion project at the lab. Between one of our shifts, he told me their project of $10 billion is going to be dismantled, it's a complete failure. They could not figure it out. He then told me that everyone at the lab knows about my theory and how big deal it is and also asked me if I knew I was nominated for the Nobel price. I told him that I did not know at all, this is just a hobby for me. He then asked me to look at a video they made about their approach and see if I could see between the cracks and make some suggestions. I told him that this is not my expertise but he insisted. I did look at the video and noticed few things they could tried differently. After a week or 2, we met again between shifts and I told him about my suggestions. He said they are going to tried it out. Another week or 2 came by and we met again at the rink. He told me, everything I suggested worked. They got it. I heard they made a party several weeks later and I was not invited. He also said something else. He said that they are not going to release that technologies for many more years to come and the reason is simple, they have all insecure jobs. He said that they are most likely going to be fired because the impossible is already done. There won’t be any need for their expertise anymore. In my opinion, if we want to be the best country in the world, this is something to think about. We should make sure our bests are treated very well. We lost more than 1 decade of progress. To add to this loss of progress, since I knew my theory was a big deal and more than 1 person reported to me that I was nominated for the Nobel price, not winning it hurt me and destroyed more than 1 decade of progress for new technologies to come. I was at my prime in 2011 and since it’s just a hobby, I did nothing else since. Winning would have provided wings to continue. Since then, I also started to notice others trying to steal my work and get credit for it. I am definitively, an easy prey.

Lockhead Martin, 2011
Again, looking for more projects in the Bay Area and found one in Livermore for a subcontracting company of Lockhead Martin. I recognized the CEO and he was not using his real name, it was David Petraeus. His daughter was also there and he asked her to smile at me to try to seduce me. In the meeting the CPA was sweating like a pig afraid of something. Another WTF moment. David did not want to shake my hand. This was the second WTF moment in less than 30 minutes. So, I decided to walk away.

Reward Money for Bin Laden, 2011
One day, I opened my bank account online to see my statements and noticed a deposit of $25,000,000 but also another transaction removing the $25,000,000 right after. Looks like one of these business rules that was setup to remove money, from my bank account, automatically, if certain thresholds are met. I called my bank and someone mentioned to me, that in order to get the money back I have to have documentation about what's it's all about. Without it, no money. I did not have any docs and decided to wait. I believe at the time; this was just a hiccup and I would be taken care of. I was wrong.

Studio 51, 2011
I was playing hockey at the rink, one again and someone said that someone is asking for me. There are few members that recognized him, it was David Petraeus. Then later, some police officers did what's call a 5150 on me on June 2011. When they do this to you, you are then sent, against your will into a facility where you are going to be held for 72 hours. I called it today, the training camp. In order to pass the exam, you have to survive, if you can. I also call it Studio 51 (since there are more drugs and sex than Studio 54). I was transfer from 1 facility to another one the first night. The doctor that met me at the first facility believed me and check my blood for chloroform and they detected a very high level on their report. I told him to let me free on the spot otherwise he’s not going to see me again. He said to take some rest until the next day and he’s going to release me. They heard and I got transferred during the night. I was right, he never saw me again and he probably wondered. The facility #2 was located in Concord, California and the facility was a state-of-the-art building to kill with precision. There are devices installed in the ceilings, in the walls, many at the help desk, in the water system for shower, toilet, sinks, public water dispensers. One of the jaws dropping moment I witness while in there was when I went to grab food in the cafeteria, my first meal. I saw about 100 plates of food already prepared right in front of me and a could grab any randomly. This was important, my survival instinct already kicked in. Then the person preparing the food behind the food bar pressed something with her foot. I saw spray of water or liquid falling on all the food and the plates. She then asked the man nurse, walking with me, what to do with the food. He said bluntly, to trash all the food and prepare new plates again. After the nurse walked away, I trashed my food and realized this is going to be no drink and no food for 3 days if I want to stay alive. Then we played catch me if you can for 96 hours (not a typo error). I was poison with chloroform mostly but with other different chemicals. After several hours at the second facility, I was not able to read anymore, since I was poison constantly. I end up figuring out how they operate. One horrific moment, just before I understood their rules and how they operate, a woman walked in, in my room and started asking question about me to the nurse during the day shift. They were talking about what they are going to do with me. It was horrible to hear. I recognized the lady that walked in, she is the person who gave me my $100,000 line of credit that I needed to build StoryOfMyLife.com back in 2006 from Citibank, my bank. Then she said that they were going to cut my legs, my arms and masturbate me every hour until I gave up life in order to collect sperm for their DNA enhancement program. I realized I was in hell. Everybody working during the day shift were claiming working for the FBI. I do not know if they are FBI agents or agents from a shadow organization that infiltrated the FBI. They were talking about the new recruit; a young girl and I was supposed to be her first kill. Everybody else had many. They mentioned that the best option would be an overdose of LSD and it's apparently a lot of fun to watch, as they said. They tried to give it to me and they also tried to prescribe me cyanide as well. They also installed a bomb in my laptop and I had to trash it before someone gets hurt. I survived something horrific, met true evil and cruelty and surprisingly right in our backyard! One of the nurses in charge, said I was the only one who ever survived while I was walking out. That means many were killed. I was in a room with a Russian named Dimitry, he probably did not make it. To create more problems, because it was apparently not enough for them, they sent me the bill for $15k (which I did not pay but affected my credit for 10 years). I decided to go back to Canada to meet my family and friends and take a break. The trip to get there was very difficult, I met multiple obstacles and experienced more poisonings. I will talk about it another time.

Escapade, Québec, Canada, 2011
I took a 6 months break and stayed with my families trying to put many pieces of puzzle back together. During those 6 months, I decided to file a patent application for my Augmented Reality technology but I was under tensed stress and my motivation at its lowest. I was incapable to fight the red tapes of the Patent Office at the time. While I was arguing about stupid line thickness with the Patent office, Google filed a similar patent after mine. I was still arguing with the patent office and Google, magically, got their patent application approved and patented. It took them less than 6 months for the entire process. Another WTF moment. I had too much to deal with and I had to let it go. Which bring me to Harvey Weinstein.

Harvey Weinstein, 2011
I was talking to my partner over the phone using my home town telephone company that just got sold to an American telephone company for more than $10 million. A lot of money for a tiny company and a tiny town of not more than 5000 people, if you ask me. I don't know if they had a glitch but Harvey Weinstein voice came on in the same line while I was speaking. He has a unique voice and I recognized it on the spot. I was having a discussion about mind control technologies and Harvey said "How the fuck does he know that". I reported it to the people that are behind the planes (later in this blog) and they found out a lot more about him and his wrong doing. He was under the radar for many years. Apparently, he's member of some sort of cult using mind control technologies to manipulate people into sex toys with mind reading capabilities. Jeffrey, his body was part of it. I don't know why it took so long; this is something I still wonder to this day.

Lockhead Martin, again, 2012
After this horrific experience, someone sweating like a pig was no longer a big deal so I called Lockheed Martin to come back. Unfortunately, the people in charge decided to turn this into a failure. I am a civilian, still today and my paycheck or my rate as contractor is very important to me. We started on a very bad note, they cut my rate in half. I would normally never take a project or contract that treat you like that but I just survived hell and I was thirsty to figure out more. I knew they are somewhat involved. Someone hint me that I would be "serve" my reward money, another reason to come back. I don't know why they hire me back because they asked me to come in, every day, to do absolutely nothing. The CEO was no longer David Petraeus but the brother of the girl in charge “Pam” using the same CEO name. I got introduced to someone from Hawaii and he asked me some questions, same questions everybody is been ask before working there. I noticed the way he authenticated in his computer, he put a piece a paper on his desk with letters on it and used it to enter his password. He told me where to get one like this. I used that system to authenticate for several years until I had enough and needed something better, this is the starting point where the idea of creating PasswordWrench came from.

After 6 days doing nothing, I hint that I would like to know where this is going. Then the recruiter, Fiona, mentioned that I would be debrief. I got in the debrief room and the supposably CEO told me they are going to serve me and I should go away. Then realized that I would get my reward and I agreed. Unfortunately, this is not what happened, they served me my pink slip instead. I still don't know why they hire me back. They did not serve me my rewards. They did not give me any work to do. The only option in my list is they were going to poison me. While I was doing nothing, I could hear them talking about me, they mentioned that nobody could work on their pet projects until I am gone. One day, my boss showed me a printed heat map on a piece of paper. I look at it and recognized exactly what it was, someone brain wave pattern heat map. I look at him and said WTF. That had nothing to do with the job, the company, in any way shape or form. This was clear to me; something is off there too. Thankfully, that crap lasted only 6 days. But then, unfortunately, many of them are involved in campaigns against me.

ShotSpotter (SSTI), 2012-2014
I found another project in 2012 with ShotSpotter, a company detecting live gun shots using sound detectors. This was definitely a interesting project. I can also say that people there were professional and many notch better than the folks at Lockheed. They needed a top-notch architect and developer since Microsoft botched their initial application. Nothing worked when I started. At least it was not running using the code I was working with but was supposed to. They were using something else. Also, someone hint me, that’s once again, I was going to be serve there, since every attempt failed so far. Another lie. I revamped all their code related to the user front facing applications. Everything had to be re-written and initially, it was not secure and scalable. I made it top notch. I was supposed to be serve and I did not, this is my main issue with them. Another issue is with D.R.. The guy was a player trying to manipulate everyone and in one of our first meetings with Paul, he triggered his weapon 40 times towards me (no ammunition though). The meeting was normally set to be at 10:30 AM and was supposed to be moved to 11AM to help everyone to avoid traffic but instead D.R. set this up at 10AM. I was not supposed to be at the meeting and I was supposed to be jammed in the traffic. Another issue is with the new VP of engineering Paul Aimes, another one coming from far away. The guy is new, I understand is my new boss but I have been there for basically 3 years and re-wrote their applications and I was promised 0.1% of the company by James and the contract that I signed (today the company is worth $400 million). I asked him to renew my contract in our final meeting, it was going to expired the next day. He asked me to complete my final task without a contract, I refused. He also said that they are not doing anything wrong, that him, the company and I are having a fair exchange. I told him my disagreement. He knew something was off but did not know what it was at the time. He did not renew my contract, so I stopped working for them. During these 3 years something else was happening in the sky. It was happening several times per day above my home and above where I worked. Planes and helicopters were flying over my home and at my work. They were doing cross section, meaning a plane is going to a certain direction, and another plane is going in another direction with a 90-degree angle and while they were crossing, the intersection was on top of my home. It was clear, this was about sending a message about someone at the location at the intersection. They did this every day for at least 2 years, an estimate of over 500 times.

Tripple A or A+A+A, 2017
I needed a much faster laptop since the one I had was not fast enough and needed large hard disks, 4TB and SSD for performance reasons. This what I used to build PasswordWrench. I found a guy in San Jose willing to sale me 2 SSDs of 2TB each for a decent price. I met him and asked to format the 2 drives in front of me. The drives were sealed in the box and not supposed to have been touch before. He had a Lenovo laptop with him and formatted 1 of the drive. It will normally take 1 minute for a fast format or so. It was instantaneous for him, as soon as he released his mouse click, the drive was formatted, not even a second. I knew this was not normal speed, a lot faster than usual. Perhaps in the range of 100x if he choose the fast option and if he choose the full format option (I think that's what he selected but not 100% sure), the ratio is like 1000-10000x the normal speed. It took my laptop well over 15 minutes to format the same drives and my laptop that was rated top 99% after performance testing. I paid well over $4,000 for it and it was fast. I was like "ok, who am I dealing with?". I asked him who is he working for. He said for tripple A. I told him that I was a member of AAA, that's great. He laughed and said this is not that tripple A but the cartel of 3 companies working together: Alphabet, Amazon and Apple.

PasswordWrench, 2018
I did several projects after ShotSpotter but the motivation was not there for me. I decided to try something new once again and built PasswordWrench.com, a new way of managing passwords after all these years of experience. I knew most password managers are a disguise way to steal people passwords without saying all of them. The best way to protect your passwords is to not tell anyone, even the tool you use to help you with your passwords. That's why PasswordWrench.com exists. Before I started this project, I analyzed the competition and the cybersecurity market. Every number were positive, there is growth and the market was not saturated. For 2 years, I reached out over 2 million people and got nowhere. It's clear, once again, something, someone, a network of people is blocking PasswordWrench to get customers. 

Google, 2022
I created a tool to help customer to protect their passwords. That was hard, the motivation wasn't there but I wanted to keep myself busy and built it. There is a 2FA application that goes with it to protect your access in a situation such as if one of these people coming from far away are using their orbs to look at your computer screen. An indicator or sign that you have an orb in your room or office, is the electro static charge that it brings around. If you touch your stuff and get a chock, that's highly a possibility. Our password manager does not show the passwords but you might use your keyboard depending on how you use the tool. If they are spying on you and you use your keyboards, you are pretty much revealing your password to them. The 2FA or any 2FA will protect you against that threat. Ours was in the Google App Store and only available for Android. I got an email from Google to do an update to our app in the Google App Store. I was like, we don't have any updates to do, it works. So left it as is. Google decided few months later to just removed it from their store and there is no option to bring it back. Some sort of ban. If Google would have sent an email saying, "Please click this link to tell us you are still alive" that would have worked for us. But an update when there is none? Common. There are more WTF moments with this company, but I will keep it short in this blog. I will make our 2FA as a direct download if I get someone asking for it. If nobody cares, you won't see the link.

2023
Today, April 28, 2023, PasswordWrench is up and running, I personally use it as my main password management system, and I know it's a very important tool. I am still a civilian and still waiting for my rewards. Something is wrong with the DoD and the process of rewarding people. I believe some agencies withing the DoD tried to recruit me, but their process failed. Their communication is too vague and unclear and perhaps they were just simply trying to get rid of me. I also believe that many agents within the DoD along with their accomplices started campaigns against me. I heard on many occasion things like "if he does not want to be with us, will have to kill him". Or things like "let's get him" and so on. I also heard that some agencies told others that I was with them cutting me off without any financial aids of any kind. We got problems and they are not in Russia or China. They have their own problems while we have much bigger ones here. The information provided in this blog is just the tip of the iceberg and covered only few periods of my life and I haven't reported everything to keep it short. I also bid on well over 100 projects for the government and the DoD and lost them all except 2 that gave us absolutely nothing. We were only on a waiting list to get projects and selected as such. We reached out to them multiple times to make sure they know we are still here waiting but got nowhere.

If you still want me to publish more information, or want to help, you can buy a custom art at Coloromo.com or buy a product by setting your own price at: https://www.coloromo.com/custom-design-work-special-order

If you have legit questions about my theory and my paper, you can leave comments there, I will provide answers. If it's crap, I will delete it.

If you are an organization and knows you got bad apples or security issues, I can help you. Contact me using our contact us page.

If you are an organization and tire of your developers and you need to revamp your app or you suspect something is not right, I can help you. 

If your recruiters seem to be all from a different country, it's time to wake up and I can help.

Always use the contact us page of websites, if you can, in order to reach someone. Emails and phones can be blocked. Websites too but it leaves traces which make it more difficult.

Our main contact us page of choice is:
https://www.passwordwrench.com/Portal#/contactus

Our fallback contact us page is:
https://www.coloromo.com/contactus

2021

Are you ready for what's already looking to be an exciting year? We are! First, work. More than ever, employees have been working from home and many will remain there due to necessity and many by choice as more and more businesses embrace remote work. Technologies will help to facilitate this telecommuting work model transition, and for many the quality of life will improve. For every company, it's even more important now to ensure that anyone accessing the corporate systems is educated and aware of the increasing security threats. At PasswordWrench, we are proud to provide the best password management system that exists on the market - a tool that does not steal your passwords since no passwords are recorded. We continue working hard to devise simple solutions that resolve huge problems.

Everyone has, on average, over critical 40 passwords to manage. Our expert recommendation is NOT to use tools of convenience that record them, such as in the browser, e.g. Google Chrome, or other password managers that auto-log you into systems, and we also recommend that you use a unique password for every site. It's also important to keep changing them regularly. If you have difficulty in remembering them and coming up with complex ones that are difficult to guess by hackers while still conforming to a site's minimum password requirements, our password manager is there for you.

There is a lot of noise lately about technologies that want to eliminate passwords, creating a "password-less" world. We are advised in the strongest terms to heed caution about these bright, shiny new things. Any authentication must go through some type of validation, and in a password-less approach, the validation is handled by the password-less provider. This means that they are now in total control of your authentication, and they can decide whether you should have access or not. In a normal password login approach, the validation is handled directly by the service provider that you want to use. It's also important to note that all "password-less technologies" are no more than a 2FA or a MFA technology without the initial username/password factor authentication. We provide a 2FA solution that can be converted to a password-less solution if you absolutely require it, but we do not recommend any password-less approach.

The highest recommended method for authenticating into any system is by using a password, something you know, combined with a 2FA method, which is something you have. The password protects you against any external validation provider that could deny you access wrongfully, while the 2FA protects you against someone that could know or record your password. If you keep changing them on a regular basis, and make sure that they are unique and complex, the need to add a 2FA also decreases significantly.

We are working to find simple solutions to all these threats, and would be happy to demo our products to you at your convenience. Schedule a demo using our calendar: https://calendly.com/passwordwrench/demo.

PasswordWrench Mobile 2FA App Live in Android Store

Our 2FA mobile app is now live! PasswordWrench listened to our customers who have been requesting a smartphone Two-Factor Authorization mobile application. For the past several months we have been busy building & testing one of the most secure 2FA application in the industry. We just launched the Android version, and shortly we will release the iOS version as well.

The PasswordWrench 2FA mobile app resolves many existing security issues in the 2FA/MFA market. Working hard to address these issues while making an app that’s user friendly and secure were our top priorities. 

First, this 2FA mobile app is easy to use, a factor that is important to us as well as to our customers. The time it takes to set-up the app is down to one click. Our 2FA technologies are built around a downloadable/printable Password Card that works similar to a bingo game, and with this new mobile app, you don’t even need to download the Password Card anymore. A unique Password Card is generated for every login. Simply find and plug-in the coordinates – anyone can do it. 

Next, we bring more security than existing TOTP applications, as we resolve the vulnerability that TOTP apps have during the set-up process. Hackers can easily grab screenshots of the keys or the QR Code shown on the screen when you are using a TOTP app, and if they do, all PINs generated from that app are easily replicable on the hacker’s side. With the ubiquitous use of cameras everywhere, this problem is becoming a more prevalent concern in the cyber security community. We have eliminated this threat. 

Our solution also checks for potential phishing and middle-man attacks during the second-step login validation, something that no TOTP app does. We synch our validation with the server, validating our 2FA PIN using our provided API, which is of course seamless to the user. 

And finally, our app resolves issues related to the clock from the smartphone that requires proper synchronization properly from all TOTP apps. Sometimes, when generating a PIN from a TOTP app, the PIN will fail, even when valid, due to the clock on the device be off by few seconds. Our app fixes this issue as well.

If we hear about any other issues or problems that the industry and businesses are facing, be sure, we will be on those as well. 

The app can be found here.

A Password-Less World

While it’s all the hype these days to breathlessly discuss eliminating passwords, passwords remain commonplace and nearly ubiquitous, despite agreement across the board that passwords, when used alone, remain the weakest link in the security chain.

What would a password-less world look like? Putting the hype aside, realistically it’s:

  • Irresponsible
  • Costly and not available to every participant
  • Not going to happen anytime soon; over 300 billion passwords to manage

What could go wrong? Let’s explore.

There are many companies, organizations/coalitions, and industry experts working on bringing forth password-less technologies. One of the positive goals of this effort, alongside heightened security, is that by minimizing the amount of steps in the authentication process, secure logins are more convenient for users. There are many technologies today that can be used to achieve that, including SMS, OTP, FIDO/FIDO2 (CATP), biometrics, and other proprietary technologies.

To access this loop successfully, the user must have something on them such as a Smartphone, USB Key, a PIN generator, or something that they are, such as their own fingerprints or other biometrics. The server where the authentication must take place requests from the user their PINs, fingerprint, keys etc., and validates this information by calling the third-party provider of these password-less technologies. The vendor then provides the final positive or negative answer back to the server. At that point, if successful, the user is allowed to access the system.

What could go wrong? The main issue using these technologies is the requirement of using a third-party validator, and trusting that they are going to provide the correct answer. This creates an inherent reliance on their technology, as well as each member of their staff. It only takes one bad actor in a company to create havoc. The second main issue is that this third-party vendor can impersonate the user without their knowledge. The third-party validator will have no problem generating the PIN or token or returning a false positive to the system and thus providing the final positive validation to the server in the authentication process. Doing that, the vendor can access the system and access all the user's data. It remains a huge security risk and in the realm of possible breach points.

In other articles we’ve discussed more about the pitfalls of third party devices in greater depth. There are also time and cost issues associated with third party devices, as well as accessibility constraints.

But “risk” is exactly what is in contention here by removing the “something you know”? And the subsequent question is, how can that risk be eliminated? What is your company’s risk tolerance, truly? And even that of the individual user? The answer will surprise many - by using a password. If a third-party vendor tries to impersonate the user, they don't know and will not have the password necessary to complete the authentication process. That's why we continue to question the experts that are trying to bring us this password-less world. It is possibly irresponsible and devious, akin to hiring the proverbial fox to guard the henhouse.

In addition, assuming that this wave will continue, realistically it will take many years, 10-20 even, given the propensity for slow adoption, because there are over 300 billion passwords in use today, and changing the behavior of users is not easy to do. To facilitate adoption also requires that every platform must adopt higher standards and more sophisticated procedures, and frankly many of them can’t or simply won’t due to technical inexperience or lack of skills, costs, user friction and other obstacles.

The best and many experts agree: the ideal solution is to use both: a password and a 2FA / MFA combination. The 2FA brings the extra level of security, especially if someone knows your password, and the password will eliminate the risk that the 2FA/MFA provider can impersonate you or share that data with others to do so.

A World Without Passwords, Is It A Good Idea?

Today, Microsoft has announced that it will support USB keys that allow you login to everything without a password. Their goal is to create what it calls a “passwordless future”. We believe that the concept of having a "passwordless" future is good, but it comes with security issues and caveats. Google announced something similar few months ago.

First, it requires a piece of hardware that you need to carry with you at all times or, like many do, stick it to your computer so you don’t lose it. What happens if you lose it? You are going to be stranded until a replacement arrives. You have to remember that your life online will be dependent on this piece of hardware manufactured by someone you don’t know. It’s "passwordless", but not without effort. You have to stick it into a USB port, and you need a compatible USB port. Most people do, but there are some who don’t have a smartphone yet or aren't allowed to use them in security areas, so it won’t work for them. It's also possible to have malfunctioning issues with the USB drive then again, you’d be forced to wait for a replacement or fix. And instead of carrying that USB device around, we've seen many leave it in their USB drive or taped to their computer for convenience reasons. Then of course anyone who has access to that computer will be able to login and impersonate that user. There won’t be any security at all in that case.

Second, not a lot of security folks are delving into how these USB drives are manufactured. They can be compromised by a virus at any time between when they are manufactured to when you receive them by mail or buy from a store. This has already been reported numerous times.

Third, which we believe it’s the most important point of all, if you use a third-party device to validate your authentication, you are depending on that third party to provide an accurate response. In security, you have to measure risks, and consider worst case scenario probability. It’s possible that eventually everyone on earth will be using third party validators such as a USB drive, and the entire world will depend on third parties to validate their authentication, and it’s also possible that the entire market consolidates into one major player and that major player becomes a bad actor (or has an employee with nefarious intentions). If that happens, you will be able to authenticate only if they want to, no matter if your authentication is valid or not. This is obviously an extreme end result, but the consolidation of much of the manufacturing processes are already taking place worldwide. The only thing that exists today without the need for a third party to validate your credentials is the username and passwords. The password is a direct relationship between you and the site you want to authenticate to, and it can be replaced at anytime. There is no third party necessary and that risks mentioned are not present. So, passwords, realistically, aren't going away any time soon - at least not without some major security risks of which every VP of Engineering, CISO, CIO, and IT manager should be wary. 

Not all Password Managers are safe but we need one

Passwords are unequivocally the most used entry point to anything online, and the most unsecure. Users know this. Companies know this. And hackers certainly know this. To create complex passwords is important, but managing them – remembering them, updating them, etc. – is cumbersome. Password managers help, but are they secure? Given the rampant data breaches that seem to occur every few weeks – and those are only the ones we hear about – how can giving all your passwords to a password manager be smart? Forsaking security for convenience: is there a better way?

Let us dissect why passwords aren't going anywhere – at least not yet, as well as a novel solution to solving the problem of password management while still maintaining security.

Download Full PDF Article

 

The Smart Way to Create & Retrieve Passwords To Avoid Getting Hacked

Nearly 67% of CISO’s (Chief Information Security Officers) surveyed confirmed their blaring concerns about their companies falling prey to data breaches and cyber security attacks. If you don’t treat this seriously, your job could be at risk.  And a secure password is the first line of defense to avoid getting hacked.

As cyber hackers become more advanced in their skills, and tech companies, with all of their best intentions, embrace a ‘transparent’ and ‘agile’ way of operating, data breaches and password leaks are inevitable occurrences.

From a business perspective, this could mean:

  • Losing valuable data to third parties and competitors with bad intentions.
  • Identity theft.
  • Losing precious customers, leading to instability and company failure.
  • Losing complete control over your company’s management and administration.
Could anything be worse?

Naturally, there is a solid need to create, store and manage passwords to protect your company’s most precious, confidential and highly vulnerable assets. Passwords are the keys that unlock the doors to these assets, and only you should have them.

The problem with using any third party device or app for passwords is that it’s always subject to the risk of being hacked. Not only do third parties applications cost money, they could malfunction, leaving the customer stranded.

In this article, we’ll cover some valuable insights on the smartest way of creating & retrieving passwords and avoid getting hacked.

Let’s get right in!

Create & Retrieve Passwords Securely: The Silver Bullet. 

It’s no surprise that you need a password manager. The 2 most important functions of a great password management tool, usually, are:

  1. To help you create a strong complex password.
  2. To help you save & retrieve it safely & securely.

Let’s talk about (1). Creating a complex password that’s also easy to remember is hard for the normal human brain. Usually we think of a combination of words, expressions and numbers or special characters to create a password, which is too easy for a hacker’s brain to unveil.

Clearly, you need a better way! 

An effective way of creating complex, yet ‘memorable’ passwords is to use a password card. It’s basically a card with an assortment of letters, symbols and numbers arranged in rows and columns, like the one below:

Generate a password card and give it a name to get started. Then, draw a line across a row or column, or draw any shape like a square or triangle across the card, and soon you’d have a very complex, yet memorable password based on the characters your drawn line or shape includes.

You could also use the password manager to auto-generate a random password for you, which is especially useful if your password needs to meet specific character requirements.

But why create a password this way and how does it prevent data breaches? 

Password cards are a combination of random and unique characters, not easy enough to guess by someone else. They’re also printable cards you can keep in your wallet. Even if another person saw your password card, it would be nearly impossible to guess what your password is!

With this method, the password manager isn’t really creating the password for you, but only helping you create a password that only you can later remember. Which brings us to point (2).

If you save your password somewhere, the point is, it’s still ‘accessible’. 

That’s the whole reason why passwords get hacked in the first place! Because they’re stored somewhere. 

But, using the password card method, your password can be retrieved using a ‘password hint’ which tells you what combination of characters are included in your actual password. So the only thing that gets saved on your password management tool is the ‘password hint’ to help you remember it.

Simply put, if your password is all the characters in an L-shape on the card, your password hint could be “L shape from A3 until A15 and then P15” (look at the image below). Of course, you could create better hints than that!

 

The reason why your passwords are highly secure this way is because they’re actually not stored anywhere, so there’s no chance of them being hacked. All that the password management tool is doing is enabling you to come up with a good password, and then helping you remember it. Simple, yet effective.

This helps resolve the problem of losing all of your passwords in case your password management application gets hacked.

So how can you optimize the value from your password management tool?  

  • You can set password reminders to regularly change your passwords.
  • You can share your passwords securely with internal staff members as only they’d know the answers to the password hints you’d create.
  • You can use the tool offline too, since all you really need is your password card which you can print easily.

Remember, never divulge your passwords to anyone, including a password management tool. There are plenty of cases of password management apps being hacked, as they’re a ‘hackers paradise’. You might as well avoid these pitfalls!

Use a tool like PasswordWrench as an enabler, and not a storehouse of valuable information waiting to be hacked. Try PasswordWrench for free, and be safe.

 

 

Updates to Version 3.1

Our latest update has even more security and privacy features for advanced users or anyone who’s serious about security online and any user protecting the most sensitive information.

The first update revolves around the display of the Password Card. In previous versions, when a Password Card is created, the characters are displayed on a grid which is what defined the Password Card. Some of our users mentioned they’d like to see a feature or setting so that the characters would be hidden by default to increase security. So we listened and implemented this feature through an optional Rules Policy that you can define and manage within your Settings.

When the option “Disable Displaying Characters on Password Card” is enabled, the Password Card will not show the characters on the grid by default.

Next, we also incorporated this feature into our publicly available Password Assistant. For many of our users, the Assistant is the most secure way of protecting their master passwords using our technologies. They will be able to take advantage of this new feature. This will especially be useful when anyone needs to log in from an external environment not under their control, or during a presentation when many viewers might be able to see the Password Cards.

Some of our more hard-core security users mentioned that they would prefer the “Highlight” feature be disabled by default, so we added an option for that in the Settings under the Rules Policies.

And saving the best for last, the new Stealth mode helps to avoid all visual cues. Sometimes you might want to select certain columns and/or rows to construct your passwords using the Password Card editor, but you do not want people to know where you click on the Password Card or any visual cue on the monitor in case someone is looking at your monitor or your moves could be captured on camera. A good example of this is again if you are giving a group presentation or webinar or the like. The password is constructed, but the password field is not shown. You can of course disabled the stealth mode and/or show the password field at any time in your Settings.

We hope you will enjoy using these new security features to keep your passwords and log-ins secure. Feel free to reach out to us at any time with additional features or functionality you’d like to see in PasswordWrench.

 

New Product Launched: 2-Factor Authentication

Everyone knows by now that SMS is not a secure way to do 2-Factor Authentication, as your phone number can be hijacked, and sending a plain text PIN across 2 different networks increase the risk of interceptions. Many banks resolved those issues by providing an electronic device that generates a PIN. This alternative brings its own issues though. For example if you are traveling somewhere and forget your PIN generator, or lose it, you could be stranded for many days. And it’s not going to be cheap to replace it since they cost money to produce and take a while to ship. Many companies do not want to deal with such sensitive inventory management either. There are also many solutions based on biometrics and artificial intelligence which provide simplicity but with a huge negative; if compromised, they cannot be replaced and forcing you to use an alternative. We’ve seen some big company come out with free mobile application to help you with your 2FA but their goal is to track you down in order to stick Ads in your face. They don’t care about your privacy.

Welcome PasswordWrench’s newest product to the family. Our 2FA allows enterprises to provide a secure 2-Factor Authentication within their system. Our technologies allow any website to offer 2FA without asking their customers to install a mobile application, and without the need to send a text message (SMS). Also, there is no digital PIN devices associated with our solution. PasswordWrench’s 2-Factor Authentication makes it easy to adopt by all users while advancing security to the next level. And did we mention it’s no more costly than any current 2FA solution out there, and significantly less costly than the PIN devices.

Our solution resolves the issues brought by SMS, PIN generators, biometrics/AI, while still offering the highest level of security. Your customers do not need to install a mobile application. In fact, they don’t even need a mobile device at all. How? By using the same Password Card technologies that make it easy for consumers and enterprises to manage their passwords safely. Anyone can replace their Password Cards at any time, and at no extra cost. It’s a renewable technology. You won’t be stranded, and PasswordWrench stays true to its mission – where security and privacy comes first. We still use all the top level security tools at every juncture of the process. The difference is that we free up the user from being reliant on unsecure or costly solutions.

Ready to give this to your development team or tech support to integrate? We have provided an API and SDKs written in JavaScript, PHP, Java, and .NET that allows any developer to integrate our technologies. And of course, we’re always here to help you get started.

Contact us now for a free enterprise quote!

PasswordWrench Password Manager Version 2.0

Today PasswordWrench launched our version 2.0 of our Password Manager. We have added several features intended to give our users more security and more options on how they can use our services.

First, we added an audit log for all paid subscriptions. You will be able to know when you logged in/out and monitor other actions on the account. This is an important feature because many accounts on the web gets hijacked without the knowledge of the user because they cannot see someone else logged in and impersonates them to access their account. With this feature, if someone does that, you will see it and you can take action.

Second, we now provide dual-authentication. We are not following the pack as SMS is still unsecure. We instead created a new system using our own Password Card approach. Just simply create a Password Card, print it or download the PNG, and you will use that as your dual authentication PINs. It’s simple, fast and easy. Even better, it does NOT rely on a third party carrier.

Next, you can now share passwords with other people. Sometimes you have an account you are sharing with your spouse, your child, or with colleagues at work, etc. and you want to keep those passwords safe. With the shared password tools, you will be able to use, manage, and share strong passwords. There is no more need to share written passwords or files, and you can manage who accesses which password anywhere in a centralized system. It’s very convenient and will eliminate phone calls asking “what is the password?”

We also added several enterprise features that allow any companies to provide to their employees the best and most secure password manager available. Our product helps companies manage their employees and other users along with rule policies. For example, you can group users into departments allowing a distribution of responsibilities. You will be able to set when passwords should be renewed, and when to warn your users about updating their passwords based on your corporate policies.

We are focused on providing the best and most secure products available and working hard to accomplish this mission. We hope you will like these new features and you are welcome to provide us feedback. We listen to our customers!

Thanks,

Patrick Tardif, founder
PasswordWrench.com