A simple, stateless and reproducable password generator made for developers
Why would I want this? - You want to memorize one password but you don't trust every provider for keeping their passwords secure. Countless times big providers have been hacked and your password is now exposed to the public. Once that happens, a hacker can login to all your other accounts because you likely have the same password. This module gives a reliable way to create a different password for each service but still allows the use of one master password.
Generates a stateless password from the following properties
- environment - Can be either
ssh
orweb
. If you have more viable use cases that make sense liketv
,desktop
, feel free to open an issue and we can discuss it. - service - A service name like
google.com
oryour-company
- account - An account name like
bob
- masterPassword - A Password which you should have memorized and not saved anywhere (except physically)
The password is reproducable given these properties but cannot be reproduced with one part missing. It cannot be reverse-engineered.
The package can be installed via your favourite node package manager:
$ npm install pwdx
$ pwdx web google.com bob@gmail.com
? master password: ****
> Your generated password is: hFuUpOyHDFSKN5LD
> Serializable string (save to your password list): web/google.com/bob@gmail.com/16/digits:true/symbols:true
Besides your newly generated password, it also generates a serializable string which you can save to a google docs sheet or whatever you use to store notes (If you don't have one, try Notion!) and then use it to recreate the password using the CLI:
$ pwdx web/google.com/bob@gmail.com/16/digits:true/symbols:true
? master password: ****
> Your generated password is: hFuUpOyHDFSKN5LD
There are different properties to modify the password:
- --length (default: 16) - Password length
- --no-digits (default: false) - Disable generating a password with digits
- --no-symbols (default: false) - Disable generating a password with symbols
These properties are stored in the serializable string aswell so it is completely reproducible! ✨
$ pwdx web google.com bob@gmail.com --no-symbols --length=6
? master password: ****
> Your generated password is: hFHrp8
> Serializable string (save to your password list): web/google.com/bob@gmail.com/6/digits:true/symbols:false
The password encryption process is using the pbkdf2 algorithm from the standard node crypto package. The generated buffer is then mapped onto a base85 (with default settings) charset to generate your password.
pwdx © Fabian Eichenberger, Released under the MIT License.
Authored and maintained by Fabian Eichenberger with help from contributors (list).