Password manager

A place to document your own projects.

Password manager

Postby Sjaak » Mon Nov 17, 2014 5:44 pm

I was frustrated by trying to remember my passwords for all my websites and got even more frustrated when i need to change a password again after some months. Dont even to mention the needed complexity of them nowadays. A bit insired by the mooltipass featured on hackaday, but too scared of the complexity and hugeness of it, I decided to roll my own.

Also I'm not a terrorist nor a high placed public person, so I dont need that high encrypted and bulky design. Prolly the NSA would crack this thing in a matter of days (minutes?) but I think it will keep your pr0n logins safe from your little brother ;).

Current design/features:
- Uses the supercheap PIC16LF1454 (+- 1USD/piece) with no need for a XTAL (Clock is derived from USB)
- Uses a small but crystalclear OLED (128x32, I2C).
- Uses an OS USB stack ( http://www.signal11.us/oss/m-stack/ ).
- Emulates a keyboard (HID) for entering usernames or passwords.
- USB thumbdrive footprint.
- Device is protected by a pincode (securely stored in flash on the uC).
- Simple PC application for updating protected storage (currently compiles on linux and windows).
- 32Kbyte storage for usernames/passes (512 username/passes total).
- External storage is XORed with a pseudo RNG (seed of the RNG is not based on the pincode).

Here are some pictures of the final prototype.

IMG_20141117_205652.jpg
welcome screen.. obviously beta ;)


IMG_20141117_205635.jpg
use pincode to unlock the passes


IMG_20141117_205724.jpg
'application' facebook selected, top button send username, bottom the password, middle cycles to the next 'application'


The final design would have prolly a bit more space between the buttons and the display. Currently some prototypes are tested by close friends or relatives. If successfull I'll put up a small production run (depending on the animo for it) and publish the
User avatar
Sjaak
Fellow
Fellow
 
Posts: 3293
Joined: Sun Jan 03, 2010 2:45 pm
Location: Hiero

Re: Password manager

Postby tayken » Tue Nov 18, 2014 7:25 am

Nice, I like it! That's a nice one. My main problem is I don't just use my PCs, I also use my tablet and smartphone a lot. Did you try it out with such devices?

Oh and I'd love to test one to see if it can be cracked via BP, OLS, PicKit etc...
User avatar
tayken
Developer
Developer
 
Posts: 1507
Joined: Sat Dec 12, 2009 10:58 am
Location: Tokyo, Japan

Re: Password manager

Postby Sjaak » Tue Nov 18, 2014 11:56 am

tayken wrote:Nice, I like it! That's a nice one. My main problem is I don't just use my PCs, I also use my tablet and smartphone a lot. Did you try it out with such devices?

The device is purely based on an USB HID keyboard. AFAIK keyboards on tablets/phones are Bluetooth based so I guess not.

tayken wrote:Oh and I'd love to test one to see if it can be cracked via BP, OLS, PicKit etc...


For free I guess? :P try seduce me with a bottle of goot solderflux :D
User avatar
Sjaak
Fellow
Fellow
 
Posts: 3293
Joined: Sun Jan 03, 2010 2:45 pm
Location: Hiero

Re: Password manager

Postby tayken » Tue Nov 18, 2014 12:21 pm

Sjaak wrote:The device is purely based on an USB HID keyboard. AFAIK keyboards on tablets/phones are Bluetooth based so I guess not.

Hmm, that should work. My tablet comes with a USB keyboard and an OTG adapter for flash drives and such. It basically works with all my devices. I'll try a regular USB keyboard I have with my devices to see if it works.

Sjaak wrote:For free I guess? :P try seduce me with a bottle of goot solderflux :D

Heh, nope, PCBs are free, devices cost money. But will talk with the post office to see how I can send some flux over there. :D
User avatar
tayken
Developer
Developer
 
Posts: 1507
Joined: Sat Dec 12, 2009 10:58 am
Location: Tokyo, Japan

Re: Password manager

Postby dwhacks » Mon Nov 24, 2014 1:07 pm

Very cool! I guess I might have to give a go at PIC for this. Keep us posted!
dwhacks
Newbie
Newbie
 
Posts: 1
Joined: Mon Nov 24, 2014 12:13 pm

Re: Password manager

Postby Philip » Tue Nov 25, 2014 4:46 am

can the thing work without the LCD?
Philip
Full Member
Full Member
 
Posts: 120
Joined: Tue Feb 16, 2010 4:14 am
Location: Philippines

Re: Password manager

Postby Sjaak » Tue Nov 25, 2014 6:17 am

Philip wrote:can the thing work without the LCD?


In theory yes; but it is hard to select the right user/pass combo without visual feedback.
User avatar
Sjaak
Fellow
Fellow
 
Posts: 3293
Joined: Sun Jan 03, 2010 2:45 pm
Location: Hiero

Re: Password manager

Postby jquinchi » Tue Nov 25, 2014 2:32 pm

Hi. I would like to know the way you control the LCD. With that PIC. I've been trying but my PIC get full memory.
jquinchi
Newbie
Newbie
 
Posts: 1
Joined: Mon Nov 24, 2014 9:56 pm

Re: Password manager

Postby Sjaak » Thu Dec 04, 2014 10:29 am

jquinchi wrote:Hi. I would like to know the way you control the LCD. With that PIC. I've been trying but my PIC get full memory.


I cheated a bit by using the compiler in pro mode. You can try the pro mode for some time for free :D

The other option was using the microchip stack (less bulkier), but I couldn't get it to work properly.
User avatar
Sjaak
Fellow
Fellow
 
Posts: 3293
Joined: Sun Jan 03, 2010 2:45 pm
Location: Hiero


Return to Project logs