Storage and Vault-less web based password management for managing website passwords.
The ZeroVault system works with two passphrases:
- A Vault setup passphrase: this passphrase is used to generate a cookie with a root capability for deriving all passwords. Any browser that you wish to use ZeroVault from will need the same value for this cookie and thus will need to be initialized with the vault setup passphrase.
- A generator passphrase. This passphrase that is never sent to the server is combined with the root capability to create a site-class capability used to create passwords for sites of a specific class. You are suggested to use different generator passphrases for different classes of web sites.
Zerovault will create secure recreatable passwords from domain username combinations. If desired, ZeroValut can also be used to generate a unique username for a site.
You may install ZeroVault on your own HTTPS web server or use the one on https://password.capibara.com/ if you don't feel the need to run your own instance. If you decide to run your own instance, take the following steps:
- Clone ZeroVault
- Configure a (virtual) https server on your web server.
- Copy index.cgi,vault.jpg and the templates directory to our document root
- Create a 'revoked' directory one directory up from your document root and make this directory writable for the uuid your server runs under.
- Edit index.cgi so that your server uses a unique salt