Monday, November 14, 2005

Why is the login shown with every numkey in USC Password Security Storage System?

For those who are going to try the trial version of USC Password Security Storage System Light Version 1.1, there is one thing I need to clarify.

The login and password are encrypted. But when a user checks the data, the login comes out correctly even if a wrong numkey is entered. That is not a bug; it is by design.

Remember that most logins are either our names or abbreviations of them, so it is easy to tell when a login is the right one. If someone runs this program on the user's PC and tries several numkeys, he or she could judge from the login whether the password shown with it is the right one. In other words, if the login and password were encrypted together, a recognizable login would confirm a correct guess, and we would be gambling on the bad guy's luck.

With this arrangement, there is no way to tell which password is correct, unless the password is too weak.
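The reasoning above can be checked with a small model. This is an added example, not code from USC Password Security Storage System: the toy cipher, the 4-digit numkey range and the sample login and password are all constructed assumptions.

```python
import hashlib
import string

# Toy model only: the product's real cipher is not described on this page.
ALPHABET = string.ascii_letters + string.digits   # 62 symbols
KEYSPACE = range(10000)                           # assumed 4-digit numkey
TRUE_NUMKEY = 4821                                # constructed sample values
LOGIN, PASSWORD = "jsmith01", "q7Rk2mXz9LpT"

def keystream(numkey, n):
    """Derive n per-character shifts from the numkey (assumed construction)."""
    out, counter = [], 0
    while len(out) < n:
        out.extend(hashlib.sha256(f"{numkey}:{counter}".encode()).digest())
        counter += 1
    return out[:n]

def shift(text, numkey, sign):
    """Shift each character inside ALPHABET, so every output is printable."""
    ks = keystream(numkey, len(text))
    return "".join(ALPHABET[(ALPHABET.index(c) + sign * k) % len(ALPHABET)]
                   for c, k in zip(text, ks))

def encrypt(text, numkey):
    return shift(text, numkey, +1)

def decrypt(text, numkey):
    return shift(text, numkey, -1)

def numkeys_confirmed_by_login(enc_login, expected_login):
    """Login encrypted with the numkey: a recognizable login confirms a guess."""
    return [k for k in KEYSPACE if decrypt(enc_login, k) == expected_login]

def password_candidates(enc_password):
    """Login left readable: each numkey just yields one more plausible password."""
    return {k: decrypt(enc_password, k) for k in KEYSPACE}

if __name__ == "__main__":
    print(numkeys_confirmed_by_login(encrypt(LOGIN, TRUE_NUMKEY), LOGIN))
    cands = password_candidates(encrypt(PASSWORD, TRUE_NUMKEY))
    print(len(set(cands.values())), "distinct, equally plausible passwords")
```

A password that is a dictionary word would still stand out among the candidates, which is the weak-password exception mentioned above.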

Then there is another question: can someone try tens to a hundred passwords? If any bank or password-protected website allowed that, there would be no point in protecting our passwords, because any hacker could easily get into our accounts.

As always advised, change your password once every six months. Of course, it is better to use a program to encrypt the password so that it does not leak in some unexpected way.
