<< Click to Display Table of Contents >> Navigation: Elcomsoft Phone Breaker > Working with BlackBerry data > Working with BlackBerry Backups > About BlackBerry Password Keeper and Wallet |
BlackBerry users have an option to securely store and quickly access all their passwords and their financial information such as credit card numbers, billing addresses, loyalty points numbers etc. This information is held in BlackBerry Password Keeper and Wallet apps, and is securely protected by additional master passwords. Password Keeper and Wallet use separate master passwords. In order to access information stored in these apps, BlackBerry users have to enter the correct master password first. After 10 unsuccessful attempts to guess the master password, all data stored in BlackBerry Password Keeper or Wallet can be permanently erased from the device if a corresponding setting is selected by the user (which is normally the case).
BlackBerry Password Keeper
BlackBerry Password Keeper protects users’ passwords with a single master password, offering its users the convenience of having to deal with only one password instead of keeping in mind login credentials to dozens of Web sites, applications and services. BlackBerry users are encouraged to use Password Keeper to generate extremely secure random passwords containing a fairly long sequence of letters, numbers and symbols. All users’ passwords are stored securely encrypted, and can be only decrypted with a Password Keeper master password.
Information stored in Password Keeper gets into off-line backups when such backups are produced. However, even when the backup gets decrypted, the users’ passwords remain securely protected with an extra password: the Password Keeper master password.
The latest versions of BlackBerry Password Keeper now employ a secure escrow key to protect the password container – and Elcomsoft Phone Breaker can extract that key and use it to decrypt the protected container instantly and without lengthy attacks.
For older versions of BlackBerry OS (before 10), EPB for Windows can recover master passwords to the Password Keeper, providing full access to stored information in plain-text by brute-forcing the password.
BlackBerry Wallet
Similar to Password Keeper, BlackBerry Wallet stores users’ personal and financial information such as credit card information, billing and shipping addresses, loyalty rewards and membership card numbers. The tool is designed to speed up mobile checkout, significantly simplifying the online purchasing process by filling in the required fields automatically with stored information.
Information stored in BlackBerry Wallet is also encrypted and securely protected with Wallet master password. This password should be, and usually is different from BlackBerry backup password, adding an extra layer of protection to highly sensitive information kept in the Wallet.
EPB for Windows can recover master passwords to BlackBerry Wallet, providing full access to stored information in plain-text. EPB can try hundreds of thousands passwords per second, making dictionary and brute-force attacks feasible and the recovery time reasonable.