Monthly Archives: December 2011

A Personal Android App For The Agile Lifestyle


Our lives are moving faster than ever before. Who isn’t rushing around every day, desperately holding onto the one tool that unlocks everything about your life?  If you’re like me, your smartphone feels like an extension of your arm.

Our smartphones are as vital to our daily lives as a strong cup of coffee or a warm bed at night. Without them, we get nervous. How could we be disconnected from our text messages, Twitter, our games, our loved ones, our contacts, or our calendars for any length of time?!

We feel the same way about personal data. That’s why we’re making sure that your information is always at your fingertips with the launch of our Android app.

Personal on Android infographic

You’ve always been able to access your Personal data vault through the mobile web at personal.com, but now Android users can download our app in the Android Market and have secure, instant access to the most important details of your life.

With our app, you can enter info when you’re out on the town (like the fantastic wine that you’re enjoying with dinner) or always have access to the details you already saved in your vault, like your numerous passwords and logins.  And, you can share these gems back and forth with whomever you choose.

No more anxiety over finding the data you need, when you need it most. Our app provides a sense of confidence and what I call: “tech swagger.”  You now have the ability to securely and easily organize, search and control access to your digital information and online identity.

Make your life Personal.

How Personal lets you login…without storing your password


Since we launched our open beta last month, we’ve received valuable feedback and good questions from people, including these: “Does Personal really not store a copy of my password? And, if you don’t store my password, how do you know it’s really me when I log in?”

Very understandable.  After all, you provide your username and password to log into Personal. It may seem like magic – or just hard to believe that we wouldn’t store a copy of your password – but it actually comes down to a little bit of very smart math.

In cryptography, there is a set of functions that comprise a Secure Hash Algorithm, or SHA, designed by the National Security Agency.  SHA functions are used with your password to produce a hash, or a long string of letters and numbers, that Personal stores for comparison with the password you enter, but cannot be used to reverse engineer your password. (If you want to get deeper into it, this Wikipedia article will help.)

Here’s an example:

Let’s say this is the password you’ve chosen to use on Personal: $aGuhetE4e6E5e%a.

When you register for Personal, we will take that password, apply the SHA functions and hash it like so:

SHA-256($aGuhetE4e6E5e%a) = 7313c5fdbe55eccd01e857cb64c5784d569f342f191d118dfffcbc8c748d37d7

This long string of characters is known as the hash. Only the hash is stored in the database. We never store your actual password, and it cannot be reverse-engineered from the hash.

The next time you come to Personal, you’ll enter your username and password again and Personal will simply hash Login screenthe newly-entered password. We then compare the  two hashes (the stored one and the entered one) to determine if they match. If so, we allow the login. If the passwords don’t match, we know to reject the login attempt.

This is just one of many security concepts and best practices that Personal uses in conjunction with a SHA-256 password hash to keep your sensitive information safe and accessible by only you and those to whom you grant access.

Do you have a question?  Let us know in the comments and subscribe to our RSS to get notified when we post more on these topics.

Tagged in: ,
Tarik

By Tarik Kurspahic in Inside Personal

December 12, 2011