4 releases
0.1.3 | Jan 13, 2020 |
---|---|
0.1.2 | Jan 13, 2020 |
0.1.1 | Jan 13, 2020 |
0.1.0 | Jan 12, 2020 |
#2466 in Cryptography
9KB
99 lines
PWORD
A one way, sync free, deterministic password generator. 100% in Rust diceware and aragon2 (Winner of the 2015 Password Hashing Competition) to create a cryptographically secure password.
You should be able to install this program on any computer and access any of your passwords completely offline and without sync.
What the 🧠 human has to remember
- Passphrase "Endnote kindness clover"
- Name of website password is for "github.com"
If you enter the above text into pword, it will always show you the same password of raW5kbmVzcyBjbG92ZXI
which I suggest you do not actually use - this is for demonstration purposes only.
Installation
Quick install
cargo install pword
Clone and build install
git clone https://github.com/drbh/pword.git
cd pword
cargo install
How it works
Based on the diceware algorithm we generate a master passphrase for the user to remember. This passphrase is seeded by a secure random number generator more info from developers. Next, we use this passphrase as a salt in the aragon2 password generating function.
Based on the users' input for the website - we suggest the hostname including the domain but not the protocol or trailing path. eg - github.com
not including https - and the master passphrase we have a sufficiently random, but easy to remember input to our hash function. We pass the input and salt to Aragon2 a memory-hard password function. The output is a long well-hashed string, which we subset 20 characters from the middle.
The output is a unique 20 digit password that can be regenerated by using the phrase and password host. While this aims to be extremely easy for a human to remember the process of generating a password is computationally expensive (requires passphrase generation, and memory-hard hash function).
While you could create a more secure password (one that's 100+ digits long) it would be extremely hard to remember, but this provides you an easy way to create and access many very secure (probably more secure than your current password) from a cross-platform tool.
Use
Master Passphrase
pword new
# Endnote kindness clover
Generate New Password
pword generate
# Type a password:
#
# 👍 thanks.
#
# Type a label for your password
# github.com
#
# Your password:
# raW5kbmVzcyBjbG92ZXI
Dependencies
~4MB
~79K SLoC