The Lakery Software Products


Frequently asked questions

In the following we'll address frequently asked questions about the Tresør application.
  1. Question:
    PIN storing doesn't work!
    On some phones you need to move the application to the phones internal memory.
  2. Question:
    Importing and exporting password files (JSR 75) doesn't work.
    On most phones you need to give the application the right to read and write data before import and export works. Out of that, check with your phone manufacturer that your phone supports the optional JSR 75 (PDA Optional Packages for the J2ME® Platform) functionality.
  3. Question:
    Why exits the application after 2 minutes?
    It's a security function to exit the application after 2 minutes of inactivity. This protects your data in case you leave your phone with the application started and PIN entered somewhere unwatched.
  4. Question:
    The backlight of the display goes off before I can finish copying my password. Can you change that?
    There is no manufacturer independent way to accomplish this. You'd have to change the general display or power saving settings of your phone.
  5. Question:
    How can I protect myself from data loss?
    Export your passwords often to your micro SD storage and/or to your desktop computer.
  6. Question:
    How can I migrate my data to a new phone?
    Follow these steps:
    1. Export your passwords on the old phone,
    2. move the export file to your new phone (using your PC),
    3. install Tresør on the new phone,
    4. import the file on the new phone using the newly installed Tresør application.
  7. Question:
    How easily can my master PIN be cracked?
    The longer your PIN is the better. Internal testing in 2010 with current consumer hardware has given the following numbers for a brute-force-attack:
    PIN digits Time to crack
    6 10 seconds
    7 111 seconds
    8 20 minutes
    9 223 minutes
    10 41 hours
    11 18 days
    12 207 days
    13 6 years
    Please note that the numbers may differ in a big magnitude if the attackers have good equipment and good IT skills.
  8. Question:
    How many digits should my PIN have?
    If you lose your cell phone or it gets stolen you should have enough time to disable your bank and web accounts. Take a look at the table above and add some extra safety.
  9. Question:
    I've forgotten my PIN. Can you help me?
    It's our policy to not crack or help cracking PINs and break laws.
  10. Question:
    How secure are my passwords?
    The passwords are encrypted using the AES-256 algorithm with a random initialization vector and SHA-256-hashed PIN. The PIN hash itself is not stored to avoid rainbow table attacks.
  11. Question:
    Can a thief extract the passwords to his PC without the PIN?
    It depends on your mobile phone implementation. You should calculate that he can.
  12. Question:
    Why is the PIN numeric? An alphanumeric PIN would be more difficult to break.
    That's right. Restricting the PIN to be numeric speeds up application usage on numeric keypad phone models. On this type of phones the risk of mistyping alphanumeric PINs is much larger.
  13. Question:
    Will there be an Android® version?
    An android version is not planned at the moment. You can check whether this online converter works:
  14. Question:
    What if my question isn't answered here?
    Customers can reach the customer support at this address: customer support.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.