The keylogger one: I can't think of a way to keep passwords safe. The most you can do is make a PHP proxy type thing (and use it to store the passwords, hence the PHP edition comes into play) which allows you to scramble the password to access it with a click of a button, and you just need to check an e-mail that the keylogger-infected computer does/shouldn't know about.
I'm not sure I know what you mean, what is the email for? The keylogger logs all input, so it could reconstruct everything you typed, couldn't it?
Keylogger: if the keylogger takes screenshots and the passwords are displayed with asterisks or white-on-white as with the new online edition (beta), how will a screenshot reveal the password?
While you're selecting it with the mouse, maybe. The keylogger would also know the master password, and the settings if you changed them from the default ones. It could reconstruct the password. I DON'T want to enter the master password there.
I was thinking, if the online edition had some storage ability (PHP, MySQL) it could produce a "one time password" to store and retrieve settings. Like this: on the storing page the master password is encrypted with a second password. The first four characters are cut off, the user writes them on a piece of paper, it's like a transaction pass. The rest of the hash is stored on the server, which returns a settings ID.
In the internet cafe, the online edition is called with that settings ID, and the JavaScript will have the rest of the hash inside, in its code. The user provides the second password and the four characters of the hash, from which the script computes the master password for the session. The complete hash is never sent, making brute force attacks impossible.
The server deletes its own copy of the hash, of course. The second password becomes useless.
But here's the problem: if the keylogger monitors the clipboard, how can the user get the generated password from one window to the other? Is there any way to have two frames, and one frame fills a field in the other frame via JavaScript?
This is for people who are really paranoid, of course.
As for the other issues, why not use TrueCrypt for the settings file?
The man and his wife one: if she has her directory encrypted (assuming her profile is on an NTFS drive with Windows), she can be saved, as the husband would need the password to her account on the computer to read the directory.
Encryption is good, but again, what about a keylogger? If I were that husband, that's the first thing I'd install. Not really, of course. Chances are, she doesn't have her own Windows account with her own privacy, and he's the administrator after all. What about using a USB stick? Can that be made secure? Or an SD memory card?
Windows edition one: It can steal whatever settings you have saved (accounts, default password generation, maybe even the master password). This applies to any edition that allows storing the settings. This allows the writer to know what sites to use the passwords at as well.
Maybe then the master password should be saved in a random location instead of a fixed location. But where to hide it? The writer of the virus knows the PasswordMaker source code, after all. I don't see a way, unless the user is willing to authenticate himself, like using a key card or biometric data, something that's not easily logged. Keyloggers are really nasty. And anything attacking a specific program is bound to find a way. All I can think of is having so many random factors inside the PasswordMaker program that it's impossible to track them all in a reasonable amount of time...
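
The store-and-retrieve flow proposed earlier in the thread (settings ID, four characters kept on paper, server copy deleted after one use), sketched as an added example that is not part of the original posts or of PasswordMaker's code. The in-memory dict standing in for the PHP/MySQL storage, the function names, and the PBKDF2-derived XOR keystream used in place of a real cipher are all assumptions.

```python
import hashlib
import secrets

PAPER_CHARS = 4      # characters the user writes on paper, as in the post
SALT_LEN = 16        # assumed salt size
SERVER_STORE = {}    # hypothetical stand-in for the PHP/MySQL storage


def keystream(second_password, salt, length):
    # Assumption: PBKDF2 output XORed over the plaintext stands in for a real cipher.
    return hashlib.pbkdf2_hmac("sha256", second_password.encode(), salt,
                               200_000, dklen=length)


def store_settings(master_password, second_password):
    """Storing page: encrypt, split the token, return (settings_id, paper_part)."""
    if not master_password:
        raise ValueError("master password must not be empty")
    salt = secrets.token_bytes(SALT_LEN)
    plain = master_password.encode()
    pad = keystream(second_password, salt, len(plain))
    cipher = bytes(a ^ b for a, b in zip(plain, pad))
    # The salt leads the token, so the withheld characters feed the key derivation.
    token = (salt + cipher).hex()
    paper_part, server_part = token[:PAPER_CHARS], token[PAPER_CHARS:]
    settings_id = secrets.token_urlsafe(12)
    SERVER_STORE[settings_id] = server_part  # the server never holds paper_part
    return settings_id, paper_part


def fetch_once(settings_id):
    """Server side: hand out the stored part a single time, then delete it."""
    return SERVER_STORE.pop(settings_id, None)


def recover_master(server_part, paper_part, second_password):
    """Client side (the script in the post): rebuild the token and decrypt it."""
    raw = bytes.fromhex(paper_part + server_part)
    salt, cipher = raw[:SALT_LEN], raw[SALT_LEN:]
    pad = keystream(second_password, salt, len(cipher))
    plain = bytes(a ^ b for a, b in zip(cipher, pad))
    return plain.decode("utf-8", errors="replace")
```

Because there is no integrity check, a wrong paper part or second password does not raise an error; it silently yields a different master password.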