Skip to content

Latest commit

 

History

History
155 lines (114 loc) · 4.44 KB

README.md

File metadata and controls

155 lines (114 loc) · 4.44 KB

Cryptopass

A CLI utility for generating long, unguessable passwords.

Program generates the password from:

  • Login (be it email, login, user ID... up to 127 bytes long),
  • Domain name of the resource where password is generated for,
  • Password length (1-32, default 25)
  • Master password

using 5000 iterations of PKDBF2-SHA256 algorithm.

Features

  • Compatible with reference Cryptopass implementation (see "Prior Art")
  • Coded in pure C99 as console application
  • Does not require OpenSSL or any other third-party libraries
  • Can be compiled statically on any OS, including Android

Prior art

Used components

Usage

To invoke Cryptopass with all parameters, type:

cryptopass login domain.com 25

or just

cryptopass

to interactively specify the required information.

NOTE: Master password (the password using to derive the application passwords) CAN NOT be specified on command-line! The user is expected to type it interactively!

Best practices on using Cryptopass

  1. Consider using long passphrase (>30 letters, numbers, special chars) as master password.
  2. Do not use your master password anywhere else! Use it only for Cryptopass
  3. Do not re-use the application passwords on different websites! Generate new password for every login on every resource!
  4. Keep the master password safe and backed up. Also, it is good to keep the list of logins and domains along with the master passwords. The passwords generated by Cryptopass should NOT be remembered!
  5. If the remote resource becomes breached, re-generate the password for that resource immediately and change the passwords as requested by resource owners.

And finally: Treat your passwords like underwear. Change them often and don’t share them with anybody!

Building

  1. Clone the repository with Git:

    git clone https://github.com/basilgello/cryptopass
    

    or download the master snapshot from Github if Git is not installed.

  2. Build Cryptopass

    On POSIX-compliant operating systems supporting GNU Autotools, the build process is straghtforward:

    cd cryptopass
    autoreconf --install
    ./configure
    make
    make check
    make install
    

    To create static builds, do:

    cd cryptopass
    autoreconf --install
    ./configure
    make LDFLAGS="-static"
    make check LDFLAGS="-static"
    make install
    

    On systems with no GNU Autotools, build is also simple:

    gcc \
        -s -static \
        -o cryptopass-static \
        -DFASTPBKDF2_NOASM \
        -DHAVE_TERMIOS_H \
        -DNO_CONFIGURE_BUILD \
        -I lib/ \
        src/cryptopass.c \
        lib/libcryptopass/libcryptopass.c \
        lib/fastpbkdf2/fastpbkdf2.c \
        lib/base64/base64.c
    

To create static builds for Android:

  • Download Android NDK

  • Export path to NDK root as NDK environment variable, e.g:

    export NDK=/path/to/NDK/root
    
  • Compile the binary executable:

    cd cryptopass
    
    $NDK/toolchains/llvm/prebuilt/linux-x86_64/bin/armv7a-linux-androideabi16-clang \
         -s -static \
         -o cryptopass-armv7a-androideabi \
         -DFASTPBKDF2_NOASM \
         -DHAVE_TERMIOS_H \
         -DNO_CONFIGURE_BUILD \
         -I lib/ \
         src/cryptopass.c \
         lib/libcryptopass/libcryptopass.c \
         lib/fastpbkdf2/fastpbkdf2.c \
         lib/base64/base64.c
    
    $NDK/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android21-clang \
         -s -static \
         -o cryptopass-aarch64v8a-androideabi \
         -DFASTPBKDF2_NOASM \
         -DHAVE_TERMIOS_H \
         -DNO_CONFIGURE_BUILD \
         -I lib/ \
         src/cryptopass.c \
         lib/libcryptopass/libcryptopass.c \
         lib/fastpbkdf2/fastpbkdf2.c \
         lib/base64/base64.c
    

Contributing

Contributions are welcome in form of Github pull requests (PRs).

License

This program is licensed under Apache License 2.0.