Dangerous Prototypes

In development => Project logs => Topic started by: Sjaak on November 17, 2014, 11:44:52 pm

Title: Password manager
Post by: Sjaak on November 17, 2014, 11:44:52 pm
I was frustrated by trying to remember my passwords for all my websites and got even more frustrated when i need to change a password again after some months. Dont even to mention the needed complexity of them nowadays. A bit insired by the mooltipass featured on hackaday, but too scared of the complexity and hugeness of it, I decided to roll my own.

Also I'm not a terrorist nor a high placed public person, so I dont need that high encrypted and bulky design. Prolly the NSA would crack this thing in a matter of days (minutes?) but I think it will keep your pr0n logins safe from your little brother ;).

Current design/features:
- Uses the supercheap PIC16LF1454 (+- 1USD/piece) with no need for a XTAL (Clock is derived from USB)
- Uses a small but crystalclear OLED (128x32, I2C).
- Uses an OS USB stack ( http://www.signal11.us/oss/m-stack/ (http://www.signal11.us/oss/m-stack/) ).
- Emulates a keyboard (HID) for entering usernames or passwords.
- USB thumbdrive footprint.
- Device is protected by a pincode (securely stored in flash on the uC).
- Simple PC application for updating protected storage (currently compiles on linux and windows).
- 32Kbyte storage for usernames/passes (512 username/passes total).
- External storage is XORed with a pseudo RNG (seed of the RNG is not based on the pincode).

Here are some pictures of the final prototype.

[attachment=1]

[attachment=2]

[attachment=0]

The final design would have prolly a bit more space between the buttons and the display. Currently some prototypes are tested by close friends or relatives. If successfull I'll put up a small production run (depending on the animo for it) and publish the
Title: Re: Password manager
Post by: tayken on November 18, 2014, 01:25:35 pm
Nice, I like it! That's a nice one. My main problem is I don't just use my PCs, I also use my tablet and smartphone a lot. Did you try it out with such devices?

Oh and I'd love to test one to see if it can be cracked via BP, OLS, PicKit etc...
Title: Re: Password manager
Post by: Sjaak on November 18, 2014, 05:56:04 pm
[quote author="tayken"]Nice, I like it! That's a nice one. My main problem is I don't just use my PCs, I also use my tablet and smartphone a lot. Did you try it out with such devices?
[/quote]
The device is purely based on an USB HID keyboard. AFAIK keyboards on tablets/phones are Bluetooth based so I guess not.

[quote author="tayken"]
Oh and I'd love to test one to see if it can be cracked via BP, OLS, PicKit etc...[/quote]

For free I guess? :P try seduce me with a bottle of goot solderflux :D
Title: Re: Password manager
Post by: tayken on November 18, 2014, 06:21:55 pm
[quote author="Sjaak"]The device is purely based on an USB HID keyboard. AFAIK keyboards on tablets/phones are Bluetooth based so I guess not.[/quote]
Hmm, that should work. My tablet comes with a USB keyboard and an OTG adapter for flash drives and such. It basically works with all my devices. I'll try a regular USB keyboard I have with my devices to see if it works.

[quote author="Sjaak"]For free I guess? :P try seduce me with a bottle of goot solderflux :D[/quote]
Heh, nope, PCBs are free, devices cost money. But will talk with the post office to see how I can send some flux over there. :D
Title: Re: Password manager
Post by: dwhacks on November 24, 2014, 07:07:31 pm
Very cool! I guess I might have to give a go at PIC for this. Keep us posted!
Title: Re: Password manager
Post by: Philip on November 25, 2014, 10:46:19 am
can the thing work without the LCD?
Title: Re: Password manager
Post by: Sjaak on November 25, 2014, 12:17:15 pm
[quote author="Philip"]can the thing work without the LCD?[/quote]

In theory yes; but it is hard to select the right user/pass combo without visual feedback.
Title: Re: Password manager
Post by: jquinchi on November 25, 2014, 08:32:41 pm
Hi. I would like to know the way you control the LCD. With that PIC. I've been trying but my PIC get full memory.
Title: Re: Password manager
Post by: Sjaak on December 04, 2014, 04:29:02 pm
[quote author="jquinchi"]Hi. I would like to know the way you control the LCD. With that PIC. I've been trying but my PIC get full memory.[/quote]

I cheated a bit by using the compiler in pro mode. You can try the pro mode for some time for free :D

The other option was using the microchip stack (less bulkier), but I couldn't get it to work properly.
Title: Re: Password manager
Post by: akash614 on April 05, 2018, 06:04:00 pm
this is a cool project can you post the link for code and schematics of this project i would love to do one