When I go to Roboform's options, under Security you can choose among the following encryption algorithms:
-DES
-3DES
-AES
-Blowfish
-RC6

By default it's set to AES. Is this the safest one? If not, which one? Thanks

yes

DES is definitely inferior to Triple-DES which is in turn inferior to the rest.

RC6 was the candidate for the competition for the AES standard (the current AES standard was originally named Rijndael when it was just a candidate, fyi).

I'd personally choose Blowfish because according to wikipedia no  good cryptanalysis has been done for it; AES is more widely used and so more people are looking into how to break it so maybe you're at more risk to be cracked .

quote:

---

Originally posted by Mnjul
I'd personally choose Blowfish because according to wikipedia no  good cryptanalysis has been done for it

---

quote:

---

Originally posted by Mnjul
I'd personally choose Blowfish because according to wikipedia no  good cryptanalysis has been done for it; AES is more widely used and so more people are looking into how to break it so maybe you're at more risk to be cracked

---

DES isn't actually broken, however the keylength of 56 bits was deliberately crippled by the US NSA, presumably because they have a backdoor to decrypt it with short keylengths.

3DES is supposedly pretty secure by using a triple pass in chain-block cipher mode.

AES is generally faster and is considered as secure as blowfish. I've not looked at RC6 myself, YMMV.

Thanks everyone for their replies. Now, the way roboform works is that it stores the login information for a user's commonly accessed websites (username+password). It will only provide and fill the login info once the user logs in the program by means of a password that the user sets. So the question is, who cares how safe is the encryption method? I mean, if the program's access password is weak enough, someone can guess it or decypher it and then access all the encrypted login records stored in Roboform. ???

quote:

---

Originally posted by alegator
I mean, if the program's access password is weak enough, someone can guess it or decypher it and then access all the encrypted login records stored in Roboform. ???

---

Nobody mentioned how important the password is. If you use an easy password, it doesn't matter how 'super-fucking-great' the algorithm is.

I would choose AES.

quote:

---

Originally posted by linx05
Nobody mentioned how important the password is. If you use an easy password, it doesn't matter how 'super-fucking-great' the algorithm is.

---

quote:

---

Originally posted by alegator
I mean, if the program's access password is weak enough, someone can guess it or decypher it and then access all the encrypted login records stored in Roboform.

---

Of course, it needs to be implemented properly. But I didn't want to get into symantics.

What if you forget/lose the access password? I guess then you'll be unable to retrieve your stored logins.

quote:

---

Originally posted by alegator
What if you forget/lose the access password? I guess then you'll be unable to retrieve your stored logins.

---

quote:

---

Originally posted by alegator
What if you forget/lose the access password? I guess then you'll be unable to retrieve your stored logins.

---

quote:

---

Originally posted by andrewdodd13
DES isn't actually broken, however the keylength of 56 bits was deliberately crippled by the US NSA, presumably because they have a backdoor to decrypt it with short keylengths.

---

quote:

---

Originally posted by Menthix
Doesn't make it more secure. Security through obscurity is generally a bad thing .

---

Can u tell me which Encryption  method..best encryption algorithm regarding performance, complexity, size, number of cycles per byte, OS supported, tool or opensource support......and why
i want comparable study of diff. encryption algo regarding these isssuse
plzz give me some link or directly guide me.......

http://security.resist.ca/crypt.shtml

http://www.google.ca/search?q=comparing+different...ryption+algorithms