Although Enigmer is a brand new tool, there are some frequent Q&A:s already! Well, okay, there really aren't, but these are the questions I thought someone might ask.


Why is it called Enigmer?

The name Enigmer is a reference to a well known German encryption machine, called Enigma machine. Enigma was a great piece of engineering (although used in questionable circumstances) so it goes without saying that Enigmer isn't even close to all of it's properties.
Although the basic principle is a lot different in Enigmer (compared to the mighty Enigma machine) , it's used very differently and is not even close to the encryption power the Enigma machine had, I thought it still had some similarities with it (you write something in to it and something else comes out).

How does Enigmer work?

Enigmer is a tool that helps you to create and use good passwords. Simplified version of the Enigmer is as follows:
Enigmer combines a piece of random data with user input in order to create good passwords.

So, when you land on a login page of some web service, you give an input to the password field and Enigmer handles the rest. That input is read to the Enigmer and it's combined with the salt. The result is printed back to login page password field and sent to the web service.
More detailed version of the Enigmer can be found from the What? And Tech stuff -pages.

What's a a salt, field or a group?

Salt is semi-randomly generated piece of characters (MD5 hash) that's used to generate the password. It's combined with the user input and pushed through an algoritm that creates the final password for you. Salt is generated by collecting a few pieces of information: user browsing habits, browser bookmarks and current date and time (more detailed description can be found here). A salt can be used by a number of fields and salt has the information needed to generate the password (password length, minimum requirements, etc). Salt is identified by it's version number (ascending order from older to newer version).

Field is a web page password field, usually found in web services log in -page. Password fields are also found in 'change my password' -pages. These fields should be added to Enigmer, before you start using them. A field can only use one salt at a time. Field is identified by it's id.

Group is a collection of fields and salts. All the fields contained in the group may only use the salts which are contained in the same group with the fields. Groups are optional and they are only a way to separate multiple fields and salts to a common group, eg all the fields and salts from a single web service forms a group. You can use one group to hold multiple web services' fields and salts, but it may become cluttered after a while. Group is identified by it's name you give to it.

Salts, fields and groups are all managed from the Settings-window (settings in Firefox, settings in Chrome) .

How to change my password?

There are a few ways to change your password to a web service if you already use Enigmer in the login process: update the salt or change the input you type in. Changing the salt is a good option, because you don't have to change your input and the resulting password will be very different from the last time. It's a good practice though to change the input every once in a while, but it's not necessary every single time. It's up to you what strategy you want to go for.

The password change routine is a bit different whether you choose to change your input or you'd like to update the salt.
If you want to change your input, the change procedure is no different to a regular password change. Only thing to keep in mind is to make sure Enigmer covers the password fields on the password change page. If they aren't, you have to add them before you type in your new input (they have to use the same settings as the one on the login page, so add them to the same group and use the same salt version).

If you'd like to change the salt, you just upgrade the salts on the new password and repeat new password fields. Then you type in your input and submit the change. After this, you have to change the password field salt on the login page to match the fields on the change password page.

More detailed guides can be found here for Firefox or here for Chrome.

Are you single?

Am I sin... uh ..., do you have any questions about Enigmer?

How to adjust the password parameters (length, characters, etc.)?

Different web services have different needs for their passwords. Some of them only support 8 character passwords, some dislikes special characters and some of them need the password to match a certain criteria like minimum number of upper case letters. It's important to remember that the minimum requirements are only the minimum requirements. You should allow the Enigmer to create as long and complex passwords as possible, try to find the upper limit and match as close to it as you can.

Enigmer creates the password according to settings (settings in Firefox, settings in Chrome). Here you can adjust the length and character set of the password. For example, you need a password with at least 12 characters with uppercase and lowercase letters plus at least one special character. Repetitive characters should not be allowed.
In order to achieve this, select the group and salt you want to make adjustments to and choose as follows:
Password length – at least 12, the longer the better. If there's no upper limit, leave to 32.
Password characters – Select special characters and upper and lowercase letters. Nothing keeps you from selecting the numbers as well, it'll make the password more complex.
Minimum characters – Select Special characters and give it a number 1. This is only the minimum number of special characters and it ensures at least one special character will be on the password (the algorithm may still create more than one special character to the password). Make the same selection to the uppercase and lowercase letters as well.
Repetitive characters – Make sure this setting is checked. It makes sure, there are no repetitive characters on the resulting password.

You can test the settings on the lower part of the settings screen. After you are pleased with the results, save the settings and start using them.

Most common reason you have to change the settings is because not all web services support 32 character passwords. Secondly, special characters may cause some problems. In that case, you might want to use custom character set so that Enigmer uses as many special characters as possible, but avoids the ones that cause problems.

Can I have your Facebook id? Or maybe Twitter?

Well, I don't have one. So, no.

How to know my real passwords?

There's one way to show your resulting password in clear text. Open up the Settings-screen (settings in Firefox, settings in Chrome), select the group and salt you for which you want to know your password and type in your input on the lower part of the settings screen (your input is hidden so that no-one behind your back wouldn't see it). The resulting password is printed on the text box below. You can copy and paste it where ever you want.

I don't have a rock solid solution for storing the passwords that works for everyone, you are free to come up with an idea that suits you the best. Here are some ideas and thoughts about the subject:

Storing passwords is generally not a good idea. Luckily there are many password managers out there, which are pretty good at doing just that (instead of writing them down on a piece of paper). Usually they have a master password which then opens up the rest of the passwords. Some of the password managers are cloud based services and you should use two-step authentication on them.

Another way of dealing the issue is to make sure your Enigmer settings -file is always backed up. Without it, there is no way of recovering your passwords. This of course means that the input you type in shouldn't be forgotten either. These inputs are allowed to be a lot simpler than the resulting password, so they may be easier to remember. But if you want to make sure you won't lose them, maybe you could use a password manager for backing them up, it's not just passwords that you can save to these tools.

Help, I can't log in anymore to website X! Enigmer lost my password!

Hold on to your horses and calm down. If the Enigmer settings haven't been lost, you haven't deleted anything and you remember the input you should type in, there's a good chance that nothing's lost.

First and foremost, are you sure you typed in your input correctly?
Make sure the Caps Lock isn't on, there's a difference between uppercase and lowercase letters. Try to type in your input to some other program, to notepad or something, to see if it really comes out as you intended.

Make sure, you're using the proper salt version. If you just changed your password by updating the salt, make sure the login page's password field is connected to same salt. Does the marker on the field have color red on it? If it does, it's sign of possible version mismatch (it depends on, how you use the groups). You can check the current salt version by right-clicking on the field and selecting Enigmer – Salts. The menu shows list of salt versions and the selected one has a small dot on the left side. Usually you should be using the latest version possible, but that's not always the case. Try out different salt versions to see if it solves the problem.

Test Enigmer settings from the settings screen. It's possible that something weird has happened, maybe Enigmer has really lost it's settings. If you've changed the settings recently, it's possible that Enigmer somehow failed to write them down to the disk. To test this, open the settings screen (settings in Firefox, settings in Chrome). If the settings haven't been saved, redo them and see if it helps.

If you created a new salt and it hasn't been saved for some reason, there's no way to recover it (technically there is a possibility to recreate the salt, but you need the 24 hour browsing history from the time you created the salt, bookmarks you had at that point and the date and time it was created).
If there are no groups or salts to select on the settings screen, you've lost the Enigmer settings. This is what they call WCS, Worst Case Scenario. The only way to recover from this situation is to restore the settings from a backup. If that's not an option, maybe you could try to restore the settings file with a file restoring tool. If none of these optios are helpful to you, I'm very sorry, there's nothing more that can be done. Maybe you can recover your password using the old fashion way: contact the web service, so that they can reset the passwords for you.
I hope this is a rare event and if it ever does happen to you, you'll still keep using the Enigmer.