OnlyMe Site License Information

Home


Savvy organizations of many kinds have found that OnlyMe provides them the combination of security, simplicity, and support features that they are looking for:


OnlyMe Site license FAQ:

Can we set an administrative override password?

Can we set a backdoor password?

Can we tell a user his backdoor password?

Can we insure that users enable and use the program?

Can we insure that users' password are at least N keys long?

Can we set a maximum Lock Delay value?

Can we set the program to erase data after N wrong password attempts?

Can we have OnlyMe log password entry attempts, both valid and not?

Can we put our own image and/or text behind the password entry keyboard?

Can we set the program to show an image instead of the keyboard?

Can we disable the Fast Start option?

Can we set which password entry keyboards are usable?

Can we set owner information to be shown if the user has not set his?


Security OnlyMe was the first serious access locking program for PalmOS® devices.

Over time, many similar programs have come and gone. Most have breathlessly touted security "features" (e.g. "Stops Graffiti shortcuts!!!") that have been quietly handled by OnlyMe from day one.

In fact, to save you time and bother, a complete, up-to-date list of competing access lock programs - and other security related PalmOS programs - is at PalmOS Security Programs.

If security is your field of expertise, you may have already evaluated and quickly rejected a number of programs because you, perhaps without much PalmOS experience, found it easy to defeat them.

Tranzoa is not in the business of helping crackers, so we do not publish technical information about security holes in any products or OS versions. On the other hand, site licensees can get the "staight dope" from us on the current state of affairs with regard to PalmOS device security.


Simplicity Your users are not security experts. In fact, they probably would rather there be no security "hassles" on their PDAs. After all, they do not use their PDAs for the pleasure of proving to the PDA who they are.

Aside from security, OnlyMe's main design tenent has always been, "keep it simiple for the user". Tranzoa struggles to keep confusing options out of sight from the user. From a user's point of view:

  • The power goes off.
  • The power comes on.
  • He enters his password.
  • He is back where he was.

Minimal effort. Minimal bother. No "cockpit of the 747" program setup. No mind-numbing hours spent studying the documentation. No need to learn the convoluted and arcane world of security. For example, a user can ask to be able to HotSync without entering their password (Yes, we have been asked that question!). But, OnlyMe does not contain such obscure program settings that may inadvertently disable security.

The original vision of OnlyMe was for the user to enter his password with one broad gesture. During development, we found that the program could give the user ability to enter the password using any combination of:

  • a gesture,
  • the hard, plastic applications' buttons,
  • on-screen keyboards,
  • Graffiti.

Why is this important? Because the user wants a PDA, not a password entry device. The quicker and easier it is to enter a password, the less incentive the user has to disable, defeat, or avoid security measures. At first glance, the user may be impressed by how ponderous and officious (and therefore "secure") restricted input methods are. But after a few uses, the user will question the value of having such a lock on his device. Do you look forward to answering that user's question?


Support You know what it means to support hundreds of users of all levels of expertise. Perhaps your users are spread throughout the world. If so, you know how much it costs to support them from long distances, 24 x 7 x 365. No matter how your organization is distributed, you want to deploy and support a security solution without adding huge costs to your budget.

Notice OnlyMe's consumer price. Is it any wonder that Tranzoa is extremely focused on minimizing OnlyMe support costs? Over the last few years, OnlyMe has gathered the operational field experience required of smoothly operating software.

OnlyMe contains numerous, small details that allow it to operate with programs and OS versions containing bugs and anomalies.

OnlyMe contains site license features that give you the ability to control the level of security and to "save the day" when users at far-flung locations lock themselves out of their device:

  • Administrative password.
  • Forced enable-locking.
  • Minimum password length setting.
  • Two types of backdoor passwords.
  • Set, remove, disable, and restrict user interface options.


OnlyMe Site license FAQ...


Can we set an administrative override password?

Yes. And when an admin password is set, the user may not lower the security settings (which may be set to any desired, initial value by the site licensee).

In other words, if an admin password is set, then the user may not disable OnlyMe or extend the Lock Delay value beyond a value set by the site licensee.


Can we set a backdoor password?

Yes.


Can we tell a user his backdoor password?

Yes. OnlyMe actually can have one of two types of backdoor passwords. The first is simple. It can be used at any time, but its use disables OnlyMe's operation until a new, normal password is set. The other type changes values each time it is used. The current value of the latter type of backdoor password may be told to a user without compromising his or other devices in the future.


Can we insure that users enable and use the program?

Yes.


Can we insure that users' password are at least N keys long?

Yes.


Can we set a maximum Lock Delay value?

Yes.


Can we set the program to erase data after N wrong password attempts?

Yes. Site licensees may set OnlyMe to wipe the device's memory completely after a given number of "Cracker Time Locks". Cracker Time Lock is an OnlyMe feature that triggers on every 5 unsuccessful password entry attempts. Each time Cracker Time Lock triggers, OnlyMe ignores password entry for a few minutes.


Can we have OnlyMe log password entry attempts, both valid and not?

Yes. You can set OnlyMe to log any reasonable number of various events. The log may be read from the backed up program file on the HotSync'd PC.


Can we put our own image and/or text behind the password entry keyboard?

Yes. In fact, the site license version of the program (which may be freely beamed without reverting to being a trial version) is required to contain a custom backdrop image.


Can we set the program to show an image instead of the keyboard?

Yes - until the user uses his stylus or pushes a key.


Can we disable the Fast Start option?

Yes. In fact, site licensees can take it off the screen.


Can we set which password entry keyboards are usable?

Yes. You may disable any of the password keyboards. And, if more than one keyboard is enabled, you may set the initial keyboard shown by the program.


Can we set owner information to be shown if the user has not set his?

Yes. And you may set OnlyMe to show your organization's owner information initially.


Tranzoa, Co.
P.O. Box 911
Maple Valley, WA 98038 U.S.A
+1 (425) 432-3532
Email: onlyme_site_info@tranzoa.com

omsite.htm :
Last modified July 4, 2002