PasswordWrench Mobile 2FA App Live in Android Store

Our 2FA mobile app is now live! PasswordWrench listened to our customers who have been requesting a smartphone Two-Factor Authorization mobile application. For the past several months we have been busy building & testing one of the most secure 2FA application in the industry. We just launched the Android version, and shortly we will release the iOS version as well.

The PasswordWrench 2FA mobile app resolves many existing security issues in the 2FA/MFA market. Working hard to address these issues while making an app that’s user friendly and secure were our top priorities. 

First, this 2FA mobile app is easy to use, a factor that is important to us as well as to our customers. The time it takes to set-up the app is down to one click. Our 2FA technologies are built around a downloadable/printable Password Card that works similar to a bingo game, and with this new mobile app, you don’t even need to download the Password Card anymore. A unique Password Card is generated for every login. Simply find and plug-in the coordinates – anyone can do it. 

Next, we bring more security than existing TOTP applications, as we resolve the vulnerability that TOTP apps have during the set-up process. Hackers can easily grab screenshots of the keys or the QR Code shown on the screen when you are using a TOTP app, and if they do, all PINs generated from that app are easily replicable on the hacker’s side. With the ubiquitous use of cameras everywhere, this problem is becoming a more prevalent concern in the cyber security community. We have eliminated this threat. 

Our solution also checks for potential phishing and middle-man attacks during the second-step login validation, something that no TOTP app does. We synch our validation with the server, validating our 2FA PIN using our provided API, which is of course seamless to the user. 

And finally, our app resolves issues related to the clock from the smartphone that requires proper synchronization properly from all TOTP apps. Sometimes, when generating a PIN from a TOTP app, the PIN will fail, even when valid, due to the clock on the device be off by few seconds. Our app fixes this issue as well.

If we hear about any other issues or problems that the industry and businesses are facing, be sure, we will be on those as well. 

The app can be found here.

New Product Launched: 2-Factor Authentication

Everyone knows by now that SMS is not a secure way to do 2-Factor Authentication, as your phone number can be hijacked, and sending a plain text PIN across 2 different networks increase the risk of interceptions. Many banks resolved those issues by providing an electronic device that generates a PIN. This alternative brings its own issues though. For example if you are traveling somewhere and forget your PIN generator, or lose it, you could be stranded for many days. And it’s not going to be cheap to replace it since they cost money to produce and take a while to ship. Many companies do not want to deal with such sensitive inventory management either. There are also many solutions based on biometrics and artificial intelligence which provide simplicity but with a huge negative; if compromised, they cannot be replaced and forcing you to use an alternative. We’ve seen some big company come out with free mobile application to help you with your 2FA but their goal is to track you down in order to stick Ads in your face. They don’t care about your privacy.

Welcome PasswordWrench’s newest product to the family. Our 2FA allows enterprises to provide a secure 2-Factor Authentication within their system. Our technologies allow any website to offer 2FA without asking their customers to install a mobile application, and without the need to send a text message (SMS). Also, there is no digital PIN devices associated with our solution. PasswordWrench’s 2-Factor Authentication makes it easy to adopt by all users while advancing security to the next level. And did we mention it’s no more costly than any current 2FA solution out there, and significantly less costly than the PIN devices.

Our solution resolves the issues brought by SMS, PIN generators, biometrics/AI, while still offering the highest level of security. Your customers do not need to install a mobile application. In fact, they don’t even need a mobile device at all. How? By using the same Password Card technologies that make it easy for consumers and enterprises to manage their passwords safely. Anyone can replace their Password Cards at any time, and at no extra cost. It’s a renewable technology. You won’t be stranded, and PasswordWrench stays true to its mission – where security and privacy comes first. We still use all the top level security tools at every juncture of the process. The difference is that we free up the user from being reliant on unsecure or costly solutions.

Ready to give this to your development team or tech support to integrate? We have provided an API and SDKs written in JavaScript, PHP, Java, and .NET that allows any developer to integrate our technologies. And of course, we’re always here to help you get started.

Contact us now for a free enterprise quote!

Why PasswordWrench is needed – a word from our Founder

My name is Patrick Tardif and I founded to provide a solution to people where they can preserve their passwords safely without forcing them to trust anyone. The more projects I managed for clients from Fortune 100 to start-ups, I realized how lax a lot of security protocols really are when implemented in daily-usage patterns. Software consulting requires direct access to sensitive data, but it wasn’t until my wife had her identity stolen and watched her go through that ordeal of fixing it that I realized just how vulnerable most people and companies are. Password management systems are great for ease of use, but my first question was – why would I trust another party to owning or managing all of my passwords?

I managed my own passwords for years using my own system. There was a need for me to create a system so that my own passwords will be complex enough and contain characters that match the requirements of the sites I regularly use. Many of those sites require a mix of numeric, upper case characters and symbols and this was becoming very difficult to remember, especially when I followed best practices of changing them regularly and ensuring none of them were identical. I searched for tools to help and discovered a huge fundamental flaw in password managers; I was forced to enter my passwords into their system.

The news is rife with stories of celebrities being hacked, identify theft on the rise, and perhaps more ominously, the NSA, Edward Snowden and all the stories about government agencies spying on their own people. I wondered how I could create a way so that people don’t have to enter their passwords at all - a way that is secure no matter if the system gets hijacked. I figured out a way to do this, and came up with

I state unequivocally that this is THE MOST SECURE password manager available on the market today. You can create safe and secure passwords using this system, all without having to give away your passwords. How can I legitimize this claim? It’s simple. We do not record passwords in our system; instead, we use an innovative way that uses a hint, and a password card that is unique to you. You can even print your password card and put it in your wallet since it’s designed to be the same size as a credit card.

I created a list of the main threats against identity theft and addressed each of those.

  1. You can also use it offline, without any electronic devices. If you use only one computer, for example, and you are not logged in, how can you use a strong password that you can remember without writing it down? Our printed password card will resolve that issue for you.
  2. Our system protects you against more sophisticated threats as well. A good example of this is virtual reality, the gaming industry, and new gadgets that being developed that can exert various forms of mind alterations. If you choose to believe the worst, and I have my doubts that government is capable and fast enough to keep up with rapidly changing technologies, then mind reading and control may soon follow. If you use our system, the chances that you remember your passwords of long strings of random characters is low, therefore these types of devices wouldn’t even be able to extract that info from you.
  3. Our system will also protects you against hidden, and not-so-hidden cameras. As CCTV and web-enabled cameras become ubiquitous, alongside arming everyone with a mobile recording phone, the chances of your login actions to your sites being recorded of course rises. By using the PasswordWrench system you can bypass that concern.
  4. The net that captures thousands or even millions of users’ data at once simply by hacking into a third party site. If you store your passwords in one site, doesn’t that already make you more vulnerable?

As the founder of PasswordWrench and a daily user, I welcome your feedback and opinions. I ask that you check out the site and make the decision for yourself. Who do you trust these days? Zero Trust architecture is our motto. Fixing the problem after it’s a problem is the nightmare we’re trying to help you avoid.