Password Generator App: Open Sourced

Announcement:

We are open sourcing a few tools we developed recently. Here is the second one.

Password Generator Chrome Extension

Install it from chrome webstore Here are the docs

Summary

A completely client side password generator.

What is it

Its a chrome app to generate unique passwords for each site. Depending upon the domain and a master password a unique password is generated. It doesn’t need any server and everything happens on the client side.

Why?

I want to use a unique password for each website. However, I don’t want to use lastpass/1password as I find their interface confusing and overkill, and I don’t want my password stored on remote servers.

I use a simple passwording scheme. I have one master password. For each site, I append the first two letters of the domain to master password and use that as the site password. This is sub-optimal as its easy to understand this scheme, if say two of my passwords are leaked.

I want to algorithmically generate the password on the client side, with a chrome app.

How does it work?

password_1 = SHA256(masterpassword+domain)
password = take_first_8_letters(password_1)

This will generate a per domain password with 8 characters of entropy and it depends only on master password and the domain.

In the UI side, it works like this:

  1. You set your master password in the app.
  2. You click the Chrome app button to generate a domain specific password. It generates the domain specific password and copies the password to clipboard.
  3. You use the password to signup. Next time you want to login, you click the app to get the password.

Thank you for reading the Agiliq blog. This article was written by shabda on Jan 15, 2013 in open-source .

You can subscribe ⚛ to our blog.

We love building amazing apps for web and mobile for our clients. If you are looking for development help, contact us today ✉.

Would you like to download 10+ free Django and Python books? Get them here