Options

• Safe Login
• Register (get codes)
• Administration
• SMS Subscription

About KYPS

• Security
• Ease of use
• Comparison of technologies

How it works

• Technical Overview
• Registration Modes
• Cookie and Link Encryption
• Account Deletion

compact codes

A compact code is a sequence of case-sensitive characters, for example g9KjK3. Compact codes are short, but you must be careful when manually entering them using the keyboard. Some people prefer compact codes over (short) word codes because they are shorter.

Each compact code is an encrypted version of your password. As such, the code's length depends on the length of your password. If your compact codes seem to be overly lengthy, then please consider changing your password into something shorter. Alternatively, you can use word codes or short word codes.

KYPS will generate compact codes as PDF, 4-column plain text, and single-column plain text. An example of a list of compact codes in PDF format is here.

word codes

A word code is a sequence of English dictionary words, for example awful insurer go dill. Word codes are longer than compact codes, but some people find it is easier to enter them using the keyboard.

Each word code is an encrypted version of your password. As such, the code's length depends on the length of your password. Word codes are typically larger than short word codes. If your word codes seem to be overly lengthy, then please consider changing your password into something shorter. Alternatively, you can use compact codes or short word codes.

KYPS will generate word codes as PDF, 2-column plain text, and single-column plain text. An example of a list of word codes in PDF format is here.

short word codes

Each short word code (SWC) is a sequence of English dictionary words, for example jam not labour. SWCs are very easy to use because of their relatively short length.

SWCs are not encrypted versions of your password. KYPS generates SWCs using a secure pseudorandom number generator from a space of 2^32 (in decimal: 4294967296) possibilities. Here is brief security analysis of the SWC system: An attacker that is trying to correctly guess some - any - short word code (this does not need to be one of your codes specifically, but may be anyone's on the system) can expect to be successful after about 2147483648 (more than 2 billion) online guessing attempts. While this may seem to be a large number, with today's Internet speeds an attacker can produce that many guesses in a relatively short time. However, there is no need to worry: KYPS implements two defences against this sort of brute force guessing: firstly, each login attempt requires solving a captcha - meaning that an attacker should expect having to solve (or correctly guess) more than 2 billion captchas in order to brute force a single login session. Secondly, the maximum rate at which the KYPS server produces captchas is currently limited to 40 captchas per minute (overall, not per account). This means that the attacker will have to wait more than 53687091 minutes (more than 102 years) in order to receive all those captchas in the first place.

Because SWCs are not encryptions of your password, in order to use them, the KYPS server has to store a copy of your password in its database. That is why you need to choose whether or not you wish to enable the "short word code" service during the registration of an account. If you do not enable this service, then KYPS will generate only compact codes and (normal) short codes for that account.

If you have enabled the short word codes service, then the KYPS server will generate SWCs as PDF, 4-column plain text, and single-column plain text. An example of a SWC list in PDF format is here.