Security FAQ

I lost my password. How do I reset my password?

Most lost user passwords and category passwords can be reset.

Request a password reset code Email DavidRM Software (support@davidrm.com) and request a password reset code.

You will be sent a password reset code and instructions for how to use it.

NOTE: Users who have activated Extended Security cannot have their passwords reset. That’s one of the features of Extended Security.

How do I set/change my password?

Click on the User menu and select “Change User Password…”

You will need to enter your current password (unless you have a blank password) to create a new password, and then confirm your new password.

How do I get rid of my password?

If you do not want The Journal to prompt you for your password:

1. Click on the User menu and choose “Auto-Login”.

2. Enter your password at the prompt to confirm auto-login.

You can turn off automatic login by clicking on the User menu and choose “Auto-Login” again.

What is Extended Security?

Extended Security enhances The Journal’s normal security by adding an additional layer of protection, and a couple of security-related options.

The Journal’s “basic” security is quite good, more than most people will ever need. Extended Security builds on that to make The Journal as secure as possible.

Learn more about Extended Security.

What kind of encryption does The Journal use?

Passwords

Passwords in The Journal are never stored in the database without being “hashed”.

Passwords are salted and hashed a random, large number of iterations using the SHA256 algorithm. This is a one-way hashing algorithm, making it nearly impossible to guess the password from the hashed value and computationally expensive to attempt.

Encryption

Entries stored in The Journal are compressed before they are encrypted. The compression removes redundant information from the entry, making the encryption somewhat more secure.

Compression of entries uses the ZLib general compression library.

Encryption of entries uses 128-bit AES (American Encryption Standard).

Encryption keys, password salts, and cipher initialization vectors are created using the Microsoft Windows CryptGenRandom function.

Don't See Your Question?

If you have any questions about The Journal, please don't hesitate to ask. Email met at (support@davidrm.com) mailto. I’m here for you. :-)

The Journal FAQ