Q-ID is a user-friendly encryption-based information manager for confidential/private data such as
web login passwords, bank accounts, credit cards, travel information, personal notes, One-Time-
Password Data Structures and much more. It provides a secure environment to save important
information and offers an intuitive graphical user interface, customizable records, Master Password
access, self-destruct and auto-lock options, advanced search options, and note sections in every
record (data card).
Q-ID includes all our great standard features such as secure data management, advanced encryption, colourful GUI, password generator, built-in templates, search options, clipboard encryption&decryption and complete OTP Virtual Token Management. Q-ID for Windows, for Mac and for Android all have an advanced SSL-supported data synchronization feature allowing you to sync your Q-ID data with another PC/Mac or with your Android, and vice-versa. Q-ID's multiplatform synchronization feature makes your sensitive data virtually available 24/7!
Q-ID is easy to use, customizable, and works on multiple platforms. increasingly, consumers are
using multiple device Operating Systems (O.S.) in their daily lives, such as Windows at home, Mac
O.S. at work, and Android on their mobile phone. Wouldn't it be nice to store your confidential data
in one application that operates seamlessly on multiple platforms? That is our goal with Q-ID: store
data on one device and sync it to other devices so that your personal data is available 24/7. And
because it works on multiple platforms, Q-ID makes sharing confidential information with people
you trust easy and secure.
We live in the Internet era. You must have tens, hundreds or even thousands of Web accounts, PINs, and passwords here and there. How do you manage all of them? Q-ID is an easy-to-use, very secure way of managing your data, and it helps you keep your data available 24/7. Q-ID is customizable so you can enter just about any relevant data, such as product warranty info, product service numbers, kid's clothes sizes, prescriptions, bank account numbers, doctors' information, travel information..... the list goes on and on. And once you enter all that data into Q-ID, it's safe and quickly accessible. No more fumbling around the house for notes or calling friends or family members for help, your data is right there at your finger tips in one single application.
Below are a few examples of bad data management behavior that allows data to become very vulnerable:
o Using one password for everything--some websites use unsafe practices such as saving users' passwords in plain text. This allows Webmasters or anyone who has access to the website's password database to see and potentially use your password on other websites.
o Jotting notes down on paper--maintaining paper records in a safe, easily accessible manner is extremely challenging for most people.
o Saving notes on your computer--this method is unsafe because anybody can access your unprotected files if your computer is lost or stolen. This method is also inconvenient because your files are only accessible on your computer.
o Saving documents on public servers--using Google Docs, Dropbox, or any other similar serverbased document storage system is very popular. However, public servers cannot be completely safe from outside attacks and, more importantly, your documents are accessible to internal parties (legally or illegally).
Q-ID will allow you to create messages that no one can spy on. Only the person with whom you
have shared a key will be able to decrypt the message. Start typing an email using your preferred
client; copy the text in the clipboard; activate Q-ID and select the icon "key" in the bottom of the
menu. You will be asked for a password (the key) to encrypt the text. You can provide one
password on the fly or retrieve it from one of the data cards.The clear message on the clipboard will
be replaced by the message encrypted using AES256 encryption with the password provided. Copy
the contents of the Clipboard as well in the body of the email, or in a message on WhatsApp or
Facebook, without any fear. No one will be able to violate this information.
Beside managing your private information on data cards, Q-ID is able to manage different data cards containing an OTP data structure. Using these structures, your Q-ID application becomes a Virtual Token, able to generate the right One-Time-Password for the on-line services you are accessing. Of course, this function can be used in accordance with your provider, your bank or the company you work for.
The important thing to remember is that you can use a single device (your smartphone) in order to manage however many OTP-based access systems you will need to have. No more forgotten tokens in the office or bundle of tokens in your pocket.
Q-ID uses powerful 256-bit Advanced Encryption Standard (AES-256) cryptography to encrypt QID data. AES is an encryption standard adopted by the U.S. government and is the highest level amongst the three block ciphers standardized by NIST FIPS 197: AES-128, AES-192, and AES-256.
AES is used as a security foundation for hundreds of millions of online transactions occurring worldwide every day. The attacks to this algorithm are infeasible with current technology.
In addition to its powerful AES-256 encryption, Q-ID also uses Cipher Block Chaining (CBC) as a block cipher mode of operation for enhanced security. And a unique Initialization Vector (IV) for CBC is also generated using a cryptographically safe random number generator.
Moreover, Q-ID uses standard SHA256 (256-bit hashing algorithm) and bcrypt, a key derivation
function with an adaptive function, so it ensures that Q-ID data remains resistant to brute-force
Day by day, computers become faster and hackers have access to the best computing
platforms; using software specialized to crack passwords, they are able to test
hundreds of thousands or millions of passwords per second. These software may work
for months on many computers simultaneously, multiplying their cracking power.
So if you want your Master Password to be (pratically) unretrievable, you should choose something that these software will not able to manage.
An advice from one of the best security expert -Bruce Schneier- is to take a sentence and turn it into a password.
You could start from a mixed language sentence and/or a grammatically incorrect sentence: something like "It was a dark and stormy nite and That's All Folks!" might become "1TwAdAsNite&TAF!". This is a strong password (sixteen characters) that won't be in anyone's dictionary.
Using Q-ID, the Master Password is the only one that you'll have to remember because it will be used to protect all of the other passwords you need; and that is the reason why it's smart to use a password manager like Q-ID.
Inevitably, the Master Password must be strong. So, keeping in mind Mr Schneier, you should choose one in line with the precautions summarized below:
- (today) must have a minimal length of 12 characters; 14 or more is better
- must not be predictable, not related with names, dates, or places that are related with your personal life
- must contain a variety of characters (upper and lower case letters, punctuation symbols)
- must not be dictionary-listed
"Dictionary-listed" passwords include all commonly used passwords plus a big number of combination of them, combinations of names and numbers, etc. Dictionaries are commonly used by hackers' software.
TIP: we introduced an additional protection facility for your Master Password: Bcrypt. Bcrypt is a well-known, strong cryptographic algorithm that, due to its inherent computational cost, makes a brute-force attack 10^4 times less efficient.
Another advice: beware of the "secret questions".
For sure, you don't want a backup system, for when you forget your password, to be easier to break than your password. So, feel free to select "your mother's surname" question, BUT OF COURSE you don't want to write the surname of your mother in this field; instead, you can write a second and strongest password/passphrase, as rescue of the primary one.
No - because of Q-ID's unique characteristics, such as client-side encryption and tight integration
with the local Operating System, developing a client in a Web browser without compromising
security was impossible. Instead, easy-to-use native clients for Windows and Mac are provided.
Q-ID supports a Device-to-Server method for synchronizing Q-ID Data:
o Synchronization is performed between your device and Q-ID servers.
WINDOWS VERSION: You can select this function by clicking the "Sync" button at the main toolbar as shown below:MAC VERSION: You can select this function by clicking the "Sync" button at the main toolbar as shown below:ANDROID VERSION: You can select this function by tapping on the "Sync" button at the bottom of the screen as shown below
You don't have to sync your data to our servers; however, we do offer automatic data
synchronization as an added bonus. With this feature, you can access your updated Data on-the-go.
For example, the data that you entered into your home Mac can also be available on your work PC
or your Smartphone at the click of a button. Without this feature, your latest data would only be
available on your home Mac and not on your work PC/Smartphone. Syncing your data to our
servers also backs up your data and protects it in the event of computer/phone theft or hardware/
Encryption and decryption are executed only on your device locally. When you sync your data to our servers, your data is uploaded in an already-encrypted format which is unreadable to anyone who does not have your Master Password. When you download data from our servers, that data is also delivered in encrypted format. Only when you access Q-ID locally on your device with your Master Password is your data decrypted and readable.
In other words, your data is never transferred or saved on our servers in decrypted form. Even to us,
the developers and operators of Q-ID servers and services, your Data is just an unrecognizable
chunk of binary data. Therefore, we do NOT have access to your data. And we do NOT have access
to your Master Password - if you forget it, your data is unrecoverable!
o True Synchronization--Q-ID synchronizes data on a record-by-record basis. Some products in the market synchronize data by a simple, file based backup-and-restore method, which, in many cases, causes conflicts and results in data loss. A record-by-record method ensures the integrity of your data and does not result in data loss
o Multipoint Synchronization--Q-ID allows multi-platform synchronization. Thus, you can run a
Device-to-Server sync on any device associated with your Q-ID account. Furthermore, no
unintentional duplication or data removal results from a Q-ID synchronization.
Remember: your data is uploaded in encrypted format and unreadable to anyone who does not have
your Master Password.In any case, if you want to remove this encrypted data, go to http://www.qid.
net, and login to your account. Click the "Account" link located at the top of the screen. Under
"My Account", scroll down to the "Q-ID" section. Click "Erase" and your data will be removed
from our servers.
Your Master Password is an encryption key for ciphering your data. It is the single point of entry to your data. There is no way to access your data if you forget your Master Password. If you do happen to forget your Master Password, we CANNOT retrieve it! Thus, please protect your Master Password.
On the other hand, your Account Password is a login password for your account at q-id.net. You can reset it if you forget it. Even if someone else knows your Account Password, he or she cannot access your data. However, he or she can delete your data from our servers.
Q-ID is free to use. However, you'll need Premium Service to backup your data online and to sync data between devices (e.g., between a PC, a Mac and an Android phone). All other features of Q-ID are free to use at your convenience for as long as you like.
You can try Premium Service for free for 30 days!
We believe a Premium Service fee is a cheaper and a better payment option for Q-ID users. The advantages are:
o No payment for each client--No matter what devices or Operating System you use, you don't need to pay to use Q-ID on each one separately. Your Premium Service fee covers all the clients you use.
o No payment for newer versions--Many software vendors require users to pay for major upgrades because it is the only way to compensate them for their investment. With Q-ID, there are no additional fees or charges for client upgrades.
o No payment for multiple users--If you share your Q-ID account with your family members or colleagues, you can do so without additional charges.
o Flexible payment--Even if your Premium Service expires, you can always use the latest version of
Q-ID for free. You can reactivate your Premium Service anytime you want to in the future: Your
data stored in the Q-ID server will be kept for 6 months after expiration. Or you can remove it
explicitly anytime before expiration. See "I want to remove my (encrypted) data in the Q-ID server,
how do I do that?" for more information.
With the Import / Export function you can import or export your confidential data in your Q-ID App
by taking them from any device without having to copy them one by one. To do that you have to
prepare a file in CSV format by following the instructions here attached