Product information
Protect and manage your passwords
Seclave Password Manager version 2 out now.

Seclave Password Manager
Seclave Password Manager makes it a breeze to handle passwords and encryption keys in a secure manner. The product can be used stand alone or together with any of the provided software solutions. Version 2 out now. Package includes:
- Seclave Password Manager version 2
- Quick Guide
- USB cable 50cm
- USB cable for keychain
€81 / 799 SEK
Features
Import, store, secure, use and back up your passwords in a simple way.
Import
Seclave supports importing passwords from the KeePass password manager, or by using our secimport tool.
Store
Seclave stores your passwords and encryption keys so that you always have them when you need them
Secure
Your passwords are stored encrypted. The encryption key is protected with a passcode. After four erroneous passcode entry attempts seclave will wipe the encryption key and all of the stored passwords.
Use
Instead of entering passwords manually, just connect your seclave to a computer and it will act as a keyboard, entering your passwords when you tell it to.
Backup
Encrypted backups can be made to a computer via the usb port. If a unit is lost, the encrypted backup file can be imported into another unit for instant password recovery.
Generate
Seclave can generate new strong passwords for you, making it easy to have different passwords for all of your accounts.
Technical specification
Weight & dimensions
Weight: 23g Height: 39mm Length 65mm Width: 10mm
Battery
Rechargeable Lithium-Polymer Battery. Hold power for more then 14 hours of continuous use. Charges the battery immediately when the device is connected via USB.
Processor
Atmel AVR Microcontroller
Display
128x32 pixel Transreflective LCD with LED backlight
Number of password entries
500
Crypto algorithms used
NIST approved AES-128, NIST approved CTR_DRBG, CBC-MAC, AES in counter mode and AES in CBC mode
USB keyboard layouts
English (US), Swedish, German, Norwegian, Danish, Swiss (German), Swiss (French), Mac English (US),Mac Swedish, Mac Pro Swedish, Mac German, Mac Norwegian, Mac Danish, Mac Swiss (German), Mac Swiss (French), English (UK), Mac English (UK), French, Mac French
Menu language
English
Case material
ABS plastic
Compliance
CE
Security and technical details
Encryption & decryption
The microcontroller contains two flash memories, one storage flash memory that hold encrypted data and an protected external memory chip to hold it's internal crypto keys. The stored content on Seclave, including passwords, labels, username and optional fields are encrypted with AES-128 using a high entropy random key. The encryption and decryption is carried out internally on the microcontroller of Seclave. This protected memory chip is design to protect unauthorized extraction of it's content, including protection against physical attacks. The user unlock the protected flash memory with a two passcode words, which is validated by the memory If four incorrect attempts are carried out the content will be permanenty erased.
Backup
The backup archives are encrypted with AES-128 in counter mode and authenticated using a CBC-MAC with a 128-bit high entropy random key. This makes the backup archive safe to expose to anybody, as long as the backup key is kept safe. The backups are seeded and fully filled, so it is impossible to determine how many passwords that are contained on a backup. It is also impossible to read out if anything or how much of the backuped data that has been changed between two backups without breaking the encryption.
Entropy
The internal entropy is managed using the NIST approved pseudo random generator CTR_DRBG, which uses AES-128 as the mixing function. The random generator is seeded with entropy from several physical sources, including a highly random seed based on timing events triggered by user interaction, sensors measuring physical properties with natural noise.
Security boundaries
The USB stack is written with security as a top priority as it act as an security boundary between the Seclave domain, which contains all passwords, and the computer it is attached to, which is only authorized to receive a subset of the stored passwords. This is achieved by only implementing a bare minimum of what is needed to drive a HID keyboard and a USB mass storage device and at the same time treating all data that is received from the computer as potentially being invalid and dangerous.