A secure way to manage passwords on a local machine.
General Information
Plaintext passwords are never saved.
Account Passwords (master password) : are hashed and salted then are stored to the localdatabase only accessible by that user.
Service Passwords : are symmetrically encrypted and are stored in the local database. They can only be decrpyted by confirming the master password of the user account.
Storage, Hashing, & Encryption
This program uses MySQL server and MySQL Shell to store hashed and encrypted sensitive data only.
- Hashed + salted master passwords are stored for each user. These are needed to unlock service passwords.
- Encrpted service passwords are stored and can only be decrypted thorugh use of correct user master password.
- User generates a 32byte key converted to base64 string that acts as the symmetrical key for Encrypting & Decrypting.
- User can generate a new key if needed, all service passwords that used the old key will need to be updated.
- If old key is removed or lost, all service passwords will unable to be decrypted to their original form.
Details
Windows Guide
Reminder : Any code snipped surrounded by {} will need your information.
Download the latest Release.
- It can be found in microsoft store for free if you search Windows Terminal.
- Open Terminal and set it as default Terminal in settings.
- (Optional) Change background color to a brighter/different theme for better readablility.
- type
keygenand copy the generated hash. - type
qto quit the program.
- Go to the scripts directory.
- Open .my.cnf file.
- Paste your key from
keygencommand afterEncryption=. - Enter a database name that will be used later.
- Save the file and close it.
- Open Powershell where .my.cnf is located.
- This can be done by
shift + rclickwithin the folder, select open Powershell window here.
- This can be done by
- Encrypt the file :
cipher /e .\.my.cnf- https://dev.mysql.com/downloads/installer/
- Select Full Install
- Continue to make a root password.
- This should install
mysqlserverandmysqlshell.
- make sure you are in JS mode type
\js
- password was created on install
\connect root@localhost\sqlCREATE USER '{your_username}'@'%' IDENTIFIED BY '{your_password}';GRANT ALL PRIVILEGES ON *.* TO '{your_username}'@'%';FLUSH PRIVILEGES;\disconnect\connect {your_username}@localhostCREATE DATABASE {your_database_name};SHOW DATABASES;USE {your_database_name};CREATE TABLE `users` (
`userID` int NOT NULL AUTO_INCREMENT,
`userName` varchar(25) NOT NULL,
`passwordHash` varchar(84) NOT NULL,
`creationDate` datetime DEFAULT NULL,
`guid` varchar(36) NOT NULL,
PRIMARY KEY (`userID`),
UNIQUE KEY `userID_UNIQUE` (`userID`),
UNIQUE KEY `userName_UNIQUE` (`userName`),
UNIQUE KEY `guid_UNIQUE` (`guid`)
) ENGINE=InnoDB AUTO_INCREMENT=0 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci;CREATE TABLE `services` (
`passID` int NOT NULL AUTO_INCREMENT,
`userID` int NOT NULL,
`service` varchar(25) NOT NULL,
`encryptedPassword` varchar(128) NOT NULL,
`guid` varchar(36) NOT NULL,
`creationDate` datetime NOT NULL,
PRIMARY KEY (`passID`),
UNIQUE KEY `passID_UNIQUE` (`passID`),
UNIQUE KEY `guid_UNIQUE` (`guid`),
KEY `userID` (`userID`),
CONSTRAINT `userID` FOREIGN KEY (`userID`) REFERENCES `users` (`userID`) ON DELETE CASCADE) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci;SHOW TABLES;- Open /scripts/.my.cnf
- Edit in your database name if you haven't already.
- Edit in a location for database backups.
- Preferably in /backups folder.
- Edit where you want to save database backup files.
- Save the file and close it.
- Go to mysql installation files, usually found in :
C:\Program Files\MySQL\MySQL Server 8.0\bin\
- Open Terminal in the bin directory and paste with your database username :
./mysql_config_editor set --login-path=client --host=localhost --user={your_username} --password- file is saved in: C:\Users{your_username}\AppData\Roaming\MySQL.mylogin.cnf
- Add
MYSQL_COMMANDSwith path{path\to\mysqlserver\bin\} - Add
POWERSHELLwith pathC:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe