Firefox - Introduction

Let's learn, how to use Enigmer. You can use the sample login form here for training purposes (you might need to adjust pop-up blocker settings for that link to work properly). Please, remember not to use your real passwords when testing Enigmer on this demo-site. I can guarantee, I'm not looking at the values you type in to the fields in demo-site, but there is no way I can prove that to you. Use only aribitrary characters!

Usually login forms look something like the one here:Login form

 

 

You have your username and password fields with the Log in -button. You can test the demo-form by giving it some arbitrary characters to both fields and press Log in. After you submit, the page shows, what were the values from the previous page.
You can return back to the form by selecting Back-link:Log in result

 

Enigmer can't tell automatically, what are the services you'd like to use it with, so the first step is to add this example service to the Enigmer. Right-click to the password field, select Enigmer – Add Enigmer Field...

 Add Enigmer field

Enigmer prompts the question, what's the name of the group that's created? What's a group, you ask? A group is a collection of password fields and you can have as many groups as you want. Password fields contained in one group share their settings regarding the password creation and they share the all important salts. It's up to you, how do you want to use these groups. Do you want to use only one group, which holds all the web services in one container or do you prefer to create a group per service. They both work the same. I'd recommend you to create one group per service, otherwise salt management may become a bit of a challence.
More information about a group and salt can be found here (FAQ - What's a salt, field or a group).

After you have given a name for the group (if you haven't, let's call it a “test group”), look closely to the right side of the password field, it has a letter E in it:Enigmer marker

 

 

That's a signal from Enigmer to the user: I've got this covered. From now on, when ever you come back to this page, that password field has an E in it. So you don't have to do this every time you want to log in, it's saved to the Enigmer.
Now you can test the login page again to see what happens. Give a letter b as your username and the same letter as your password. After you press the submit button,Enigmer result you can see the Enigmer in action:

 

 


This page shows your username (letter b), but the password has been changed (you'll see a different password, because the passwords are unique). That's how Enigmer works.
Now, let's try to change that password without changing your input. Go back to the login page by clicking the link "Back". Right-click on the password field and select Enigmer – Salts – New salt...

Update salt

Confirm the change by selecting Ok. That's it, now you have changed your password. Try this by logging in again using the same credentials as before, letter b as the username and as the password. Second page shows you the login information, username hasn't changed, but the password looks different (again, your password will be different. The point is, it's different from the first time you logged in):Enigmer login result after salt update

 

 


Of course you can change your password by giving a different input. Go back again and give letter c as your password. Second page shows you that the password has changed again. So, the input you give and the current salt both have a 50% effect to the password. By changing one of them, the resulting password is changed. It doesn't matter, how much they change, the change itself is what matters.

Few other things you might want to know before setup

Salt management is something you should be aware of. For example, if you want to change your password in a web service (by changing the salt), it's very likely you are asked to give your current password as well as your new password. If you have been using Enigmer in that service before, only the new password -fields should have their salts updated (more information about changing your password in a real web service can be found here). After the change, you must change the salt on the main login form to match the salt on the new password -fields.

Go back to login form. You manage the salts under the Salts-menu, right-click on the password field and select Enigmer – Salts:

Enigmer salt menu

At the moment you should have created two salts on the sample login password field (if you've followed the tutorial, one was created automatically when the field was added to Enigmer and the second one we created manually to make a change to the password). You can see from the menu that the current salt is Version 2 (there is a small mark on the left side). Try to select Version 1 and confirm the change by pressing Ok. You should see a change in the color of the small letter E, it's been turned to red:Enigmer marker - red

 

 


This means, that there is a salt with bigger version number available but this password field is not using it. This is the kind of situation you have, if you have changed your password to some service and you try to login for the first time after the change. You can start using the latest version the same way we did before: right-click to the password field and select Enigmer – Salts – Version 2. The letter E on the password field changed back to green, so it's using the latest version of the salts in the group. This is a feature that let's you know, if different password fields of the group are using the latest version of salt or not.

By the way, if that small letter E is difficult to notice or you just don't like it, you can change the way Enigmer marks the field. Right-click again on the password field and select Enigmer – Marker Type – Field background. Now the password field has a very different color scheme:Enigmer background marker

 

 

This coloring works just the same as the letter E: the color changes depending on the version of the salt that's been used.

Now you should be good to go, let's setup the Enigmer.