We provide a vast array of utilities to organisations the world over, but have a number of older tools which we have retired from our commercial front. As these tools pale in comparison to our current products, it made sense to provide these tools to the general public as a way to introduce ourselves to potential new customers without the need for any real work, as the alternative is to remove the code from our code base.

Some of these tools are passion projects from some of our programmers, and may be updated if and when said programmer chooses to do so. If a change is big enough to be integrated into our paid services, we will provide the paid improvement to our customers without removing the tool from our free access users.

Password Management

Password management has been a serious security issue for a great many years. Many people find themselves using the same passwords in multiple locations, using insecure passwords, or writing down their passwords.

Obviously, in the modern day, this behaviour is unacceptable. No organisation should allow its employees to use insecure, reused or noted down passwords. There are a number of password management options available to the public, and we have identified a potential hole in this market.

Password managers available either store your passwords for you online or offline. Either way, your password is being stored. Often, the online versions require payment too. The problems with this are as follows:

• A stored password can be brute-forced. If an online service such as LastPass has it's database leaked, an attacker has all the time in the world to brute-force that password.
• An offline password storage solution can be lost far more easily. If you're using KeePass2 and your hard-drive dies, your passwords are lost.
• An offline password storage solution can only be accessed locally. If you forget the device with the password vault, you don't have any of your passwords.
• A paid service can lapse. If you fail to make a payment in time, you may lose access to your passwords.

Whilst there are ways around these problems, we decided to simply beat them all with our Password Management tool. We do not store the passwords we generate, we only store one of the keys used to generate them.

To generate a password, you enter in what you want a password for, select the key to use (most people only have one key) and then use a reusable pass-code which is used with the destination and key to generate a truly unique password.

In this way, you can generate the same password for the same destination every time reliably from anywhere in the world, without telling us the password. If a password gets leaked, simply generate a new stored key and use that in the future for that destination. As such, you won't ever need to remember more than one code.

Secure Text Storage

Some organisations do require you to remember passwords, procedures, access URLs and more details. This information needs to be securely stored somewhere you can easily access it.

Considering our password management tooling does not store passwords, we needed a way to store such data, and opted for a secure text vault. We encrypt the text you submit using a key and a code. Any combination of key and code can be used to generate a storage area, so you could have a client name as a key, and different vaults for passwords and procedures. In this way, you can examine the procedures on their premises without exposing any of their passwords to underprivileged employees.

Any text can be stored in these vaults, and it will be encrypted to ensure that no-one, other than yourself, can read them. Whilst we can look up the keys you've used, if you forget your code, we cannot recover the data within.

Log Management

Many systems keep logs, and frequently log errors to those logs. When an error is logged, that machine may register an alert, but more often than not, that alert will be hidden amidst a pile of other logs, alerts and data. Finding problems in a system is often more a case of discovering that everything has gone wrong than watching a problem develop whilst you're still able to avoid tragedy.

As such, we built a log management tool. Any time a critical system runs, a summary log of those operations is generated and submit them to a log stream. If that log file contains errors or warnings, our log management system can identify the wording used or lacking from the log file and will immediately email the user.

Secondly, log types can be configured so that if a log file is not uploaded to a log stream within a set amount of time, again, an email will be sent to the user.

In this way, users can ensure that backups and other critical processes happen correctly and regularly, without needing to check each system and file every day.