Synchronizable PBKDF2 based password generator
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
app
build
icons
test
.gitignore
.gitmodules
README.md
index.html
manifest.json
package.json

README.md

NOTE: No longer maintained

Motivation

I'm interested in using password generators such as hashapass, pwdhash, and passwordmaker.org. However there are just enough annoyances I have with those options so I investigated creating a better one.

Security

The other hash password generators tend to use insecure hashing methods and none of them use slow hash functions (e.g. PBKDF2) to protect against brute force attacks.

  • hashapass uses 1 round of HMAC-SHA1.
  • pwdhash uses 1 round of HMAC-MD5.
  • passwordmaker.org allows you to pick various algorithms. But runs only 1 iteration.

The current version of hash0 is v2, which has fixes for issues found in a security audit by Defuse Security of v1 of hash0.

Ease of Use

All of these other hash password generation sites use the domain + master password to generate your password. The typical solution to when you want to change a password is to append a number to the domain (e.g. "linkedin.com2").

Unfortunately there is just no way I could possibly remember what number to append for which website. Combined with the increasing breaches of major websites like LinkedIn or when Heartbleed was discovered, there is just no way someone using these other solutions can remember large amounts of numbers to append.

Details

Hash0 uses SJCL's PBKDF2 implementation with 100,000 iterations to derive password from a master password. On top of using PBKDF2, Hash0 uses an unique salt per site. Hash0 attempts to use the closest possible thing in a browser to a CSPRNG by utilizing SJCL's code. In modern browsers, this basically means obtaining data from window.crypto.getRandomValues().

Hash0 also borrows some functions from PasswordMaker.org when converting generated result to the desired charset.

Finally, the salt and different site configurations are encrypted using SJCL's encrypt() function, which uses AES-CCM with 256-bit key size and 128-bit authentication tag size. The encrypted data is then stored at a place of user's choosing. Storing these settings remotely in encrypted form allows Hash0 to be used across different devices.

Pros:

  • Salted password different per site
  • Uses PBKDF2-HMAC-SHA256
  • Salt stored separately from website's password storage
  • Synchronization of settings so I don't have to remember them (salt, password length, character set, etc)
  • Still 1 password for multiple sites

Cons:

  • Need storage elsewhere for encrypted setting (E.g. Google App Engine). You can deploy gae_storage to your own App Engine account and use it.

Usage

NOTE: These are no longer maintained

Google Chrome:

Firefox: