Secret! 4.0 Strong Encryption For Your Data

Installation And Upgrade

Secret! runs on all Palm Powered® handhelds with at least Palm OS 2 and of course on all current devices with Palm OS 5. Simply unpack the archive, and install the enclosed Secret!.prc file with a double-click.

The first time you start Secret! you will have to define the new master password. As a precaution against typos, you must enter the new password twice.

If you have already stored data in Secret! and you are reinstalling after a hard reset, cancel this dialog and install the file secret2.pdb.

Note: You should install Secret! in main memory, not on an expansion card. Applications on expansion cards are not synchronized during HotSync and are not backed up.

If you upgrade from a previous Secret! version, don't remove Secret! before you install the new version. This way your data will be preserved. If you've put Secret! into ROM before, make sure you move it back to RAM before installing the new version.

Left-handed users can use Secret! with either LeftHack or Lefty (but not both at the same time).

(Screen shot)Password

Everything you store in Secret! is encrypted with a password of your choice. This password is used to encrypt and decrypt your data and only someone knowing this password can access your data. No back doors, no hidden weakness! If you forget your password, you will have to remove and reinstall Secret! as there's absolutely no way to get to your data without knowing the password.

The password can be up to 24 characters long and may consist of letters, digits, and special characters. The password is not case-sensitive to avoid problems with accidental caps lock.

Whenever you start Secret! you are presented with an on-screen keyboard to enter your password. You can choose between a standard alphanumeric keyboard and a numeric keyboard (with extra large keys) if your password only consists of digits. The default keyboard can be set in the Preferences dialog. You can also enter the password with the keyboard or Graffiti (if applicable). Use the menu to toggle between showing the password in plain text or masking it with asterisks (*).

You can encrypt different records with different passwords. This could be useful if you want to protect some especially important records with an extra-long and complicated password, or if you want to share some information with others using a general password.

Records that cannot be decrypted with the current password(s) will be marked with a hash sign (#) in the list. When you select such a record, Secret! will ask you for the password for that record. All passwords that you enter while you use Secret! are saved internally, so you do not need to enter them twice.

To change the password for one record, all records in a given category, or all records, select Options - Change Password. To protect against typos, you have to enter the new password twice.

Note that changing the password for multiple records will only work for those records that can currently be decrypted (i.e. are not marked with a hash sign). The same applies to exporting of records.

If you use Secret! Desktop, please perform a HotSync before and after changing the password. The double HotSync will ensure that all data is encrypted with the same password both on the desktop and on your Palm. If you forgot to hotsync before changing the password and have modified desktop data, you may end up with a mix of old and new encrypted data.


Screenshot record listThe Secret! data screen has the well-known Memo category/record style. You can create up to 15 categories and store an arbitrary number of records in each. One record can store up to 32,000 characters.

You can sort the list view alphabetically or manually by dragging lines with the pen. In Secret! Desktop, records will always be listed alphabetically.

You can store anything you like in Secret!, e.g. credit card information, accounts, on-line passwords, transaction numbers, one-time passwords and everything else that needs to be kept Secret! We've even heard of people storing their diary or birthday present lists in Secret!

(Screen shot)To avoid accidental changes to very important data you can mark records as read-only in the Details dialog. Read-only mode is indicated by removal of the dotted lines.

Tap on the Font button to select from various fonts. The Fix font is a special font with clearly separated characters for 0 and O and l and 1.

You can search in Secret! by tapping on the Palm Find button. Of course, searching Secret! data only works inside Secret! and only with records that can currently be decrypted. Search is not case-sensitive and will find arbitrary sub-strings. Wildcards (*,?) are not supported.

Home Top

Collapse Mode

(Screen shot)To let you quickly navigate in long records on the small handheld screen, Secret! features a special paragraph collapse mode. If you tap on Details... and select Collapse Paragraphs, all paragraphs (text blocks separated by an empty line) are collapsed to their first line. Tap on the plus (+) sign to the left of a paragraph to expand it into full view. The collapse mode is not available in Secret! Desktop (because the PC screen is usually large enough to see the whole text).

Note: You cannot change data in collapse mode. However, you can select and copy text to the clipboard.



(Screen shot)Do you use transaction numbers (TANs) for online banking or other one-time passwords (OTP) for secure authorization? Secret! has a special built-in TAN mode that makes using TAN lists easier than ever.

Enter your list of TANs line-by-line into a standard record, then tap on Details and switch to TAN mode. Now you can use the TANs one-at-a-time. If a TAN is used, tap on the Delete button and the first entry will be removed from the list. You can undo the last removed entry. To prevent accidental changes, new TANs can only be entered in standard mode.

Used TANs are internally marked with an asterisk (*). You can always see the complete list of TANs by unselecting the TAN/OTP mode.

You can enter additional information below the TAN list, e.g. your account data. In normal mode, this text is separated from the TAN list by a single empty line.

If your bank uses the new iTAN scheme which requests TANs in arbitrary order, check the respective option in the Secret! Preferences and select the TAN to be removed from the list.


(Screen shot)To configure various settings of Secret! tap on menu Options - Preferences.

You can have Secret! automatically close the text screen and encrypt all data after a certain time of inactivity. This works in addition to the built-in auto-close at power-off. Data is always encrypted when the handheld powers off, when you switch it off manually, or when you change to another application.

To increase security against someone trying various passwords, you can configure Secret! to erase all data after a certain number of wrong password attempts. If the data is deleted, it can only be restored by synchronizing with the desktop.

If your password consists only of digits you can choose to start Secret! always with the Digits screen. Note that this makes it easier for someone trying to break your password because they can assume that you use only digits.

Secret! can open your text screen automatically when you have completed your password, thus saving you the extra tap on OK. Note that this makes it slightly easier to guess your password because one does not need to know the length of the password.

Secret! remembers the last open record and lets you continue where you last worked. If you often open different records, you can configure that Secret! always starts with the list view.

To increase security, you can configure Secret! to clear the clipboard after pasting text so the copied text is not accidentally left in the clipboard. Note that this may not work if you have third-party clipboard hacks installed.

To make the Secret! application inconspicuous, you can change the icon and title of Secret! that is displayed in the launcher. The icon title must not be empty. This will only affect the display in the Launcher and in the Info and Delete dialogs. It does not change the database name. Title and icon are changed by patching the program. If you have Secret! stored in FlashROM, this feature will not be available. With some third-party launchers you may need to perform a Soft Reset (enter pin into reset hole at back of unit) so that the launcher gets notified about the new icon/title.

Home Top


Data stored in Secret! is usually very important to you. Make sure you have a current backup available in case your handheld is lost or breaks down. The backup is always encrypted, so there is no danger if someone gets access to the file.

If you use Secret! Desktop, the provided conduit will store a synchronized copy on your desktop in the directory \palm\<username>\secret (where <username> is derived from your Palm user name).

If you do not use Secret! Desktop, the standard system conduit will back up all the Secret! data as all other third-party data to \palm\<username>\backup\secret2.pdb. Please make sure to have HotSync configured to System: Handheld overwrites Desktop (which is the default) to activate this standard backup functionality.

If you had to hard reset your device or otherwise lost your Secret! data simply install the file secret2.pdb together with Secret! to restore the last backup.

It's a good idea to once in a while make additional backup copies of the secret directory or the file secret2.pdb, respectively.

Expansion Cards

Secret! supports moving the Secret! database to an expansion card (SD/MMC, CF or MemoryStick). The main application of this feature is not saving memory, but rather added security: If you have your data on the card and remove the card, the data is no longer in your handheld and can't be accessed even if someone knows your password.

To move data from/to an expansion card, insert a card and select menu Options - Expansion Card. You should not remove the card before you leave the Secret! application.

Note: Because of Palm OS limitations, data on an expansion card is not synchronized or backed up during HotSync.


Secret! is shareware.You can try it out prior to your purchase, but you must register (license) it if you decide to keep it.

Please contact us for volume discounts and site licenses.

Frequently Asked Questions

I use Secret! Desktop. Suddenly, my data is no longer synchronized.

You may have moved the Secret! application or the Secret! data to an expansion card. For technical reasons, applications on expansion cards do not take part in the HotSync process. We suggest having Secret! in the handheld's main memory, or put it in Flash ROM with a tool like JackFlash or FlashPro.

The Secret! conduit may have been removed by another installation, e.g. of a new Palm Desktop version. Please make sure that Secret! appears in the list of HotSync manager conduits (right-click on the HotSync icon, then select Custom...). If not, re-run the Secret! Desktop setup, so that the necessary HotSync manager entries will be created.

If you've moved the Secret! data to an expansion card, the HotSync won't work (and you'll end up with your old data), because HotSync accesses only data in RAM. If you use Secret! Desktop, you should not use the expansion card feature of Secret!.

If the above does not help, have a look at the HotSync manager log and see if there are any error messages.

I had to reinstall Secret! after a Hard Reset or an Upgrade. How do I get my data back on the handheld?

The easiest way to reinstall Secret! after upgrading to a new handheld is to choose the same user name as before. At the first HotSync of the new device, you'll be asked for the user name. Selecting the existing user will automatically reinstall everything, including your Secret! data and your registration.

Below are two ways to restore your Secret! data:

If you use Secret! Desktop, select "Desktop overwrites Handheld" once in HotSync manager. Note that you must have Secret! installed (or install at the same HotSync) otherwise the Secret! Desktop conduit will not run.

If you do not use Secret! Desktop, the standard system conduit will automatically back up your (encrypted) data in a file secret2.pdb in the directory ...\palm\<user>\backup. You'll have to leave the HotSync System: Handheld overwrites Desktop setting at the default value for this to work. Install this file with the standard installation program and your data will be back on your handheld. Tip: It's a good idea to make backups of this file once in a while.

To get your Secret! data onto a new PC, simply install Secret! Desktop on the new machine, and perform a HotSync. This will copy all Secret! data from your handheld to your desktop. I tried changing the Secret! icon name and title in preferences, but the old icon is still displayed in the launcher.

Many third-party launchers cache information about icons and program titles. To have the launcher rebuild its information, perform a Soft Rest (enter a pin into the reset hole on the back side). A soft reset does not delete any data.

How come the Close button brings me back to the Enter Password screen and not to the launcher?

It is standard Palm application behaviour that programs do not quit by themself but are rather exited when the user switches to another program. This is useful because PalmOS is a single-tasking operating system, that is, at any time there's exactly one active application.
The same happens with Secret!, when you tap the application launcher icon or one of the four plastic buttons to switch to another program, Secret! will encrypt it's data and exit. The Close button on the data screen is not really necessary and just for convenient fast encryption. The only screen it can switch you to is the keyboard screen.

Why are the record titles and category names not encrypted?

The record and category titles are stored unencrypted because we need some reference to a record when something goes wrong during synchronization (e.g. duplicated category). If you are concerned about the names providing sensitive information, you should just use unsuspicious names. Then again, everything stored in Secret! is probably very sensitive, so a codebreaker might not gain that much info from the record names and categories alone.


Version History

4.0 (2009-07-04)

4.0 (2008-06-11)










Older Versions

Thanks to Daniel Bergman for the Swedish translation, Alex Appiani for the Italian translation, Diego Astuy González for the Spanish translation, Rául Fernandes for the Portuguese translation, Mirek Buczma for the Polish translation.

Home Top