The Site Specific Password Munger
Python
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.gitignore
GPL
LICENSE
README.md
passmash.py
pm
setup.py

README.md

Passmash - The Site Specific Password Munger

Passmash produces a unique password for each site you use based on

  • The url (supplied as a command line argument)
  • A password (supplied via an interactive prompt)
  • A keyfile (located at ~/.ssh/passmash.key)

Usage

There are two ways to use passmash

  1. Using the pm script.

    The pm script takes a URL (or other identifier) and prompts for a password. It places the derived (generated) password on the clipboard.

     $ pm yoururlhere.com/login
    
    1. On Linux it uses the xclip program.
    2. On MacOS X it uses pbcopy.
    3. On Windows it uses clip.
  2. Invoking the python module directly.

    Alternatively you can invoke the module directly

     $ python -m passmash anyurlhere.com/login
    

    It will pipe the derived (generated) password to stdout (fd 1) and place all other output (such as prompts and error information) on stderr (fd 2).

Setup

Install Dependencies

  • Linux [Debian Compatible Instructions]

    • Install Python 2.7.x (Tested, 2.6 may work)

        $ sudo apt-get install python2.7
      
    • Install pip

        $ sudo apt-get install python-pip
      
    • [Optional] Install xclip (needed for automatic clipboard copying)

        $ sudo apt-get install xclip
      
  • Mac OS X

    (If you use a Mac please submit a pull request pointing to resources for this)

    • Install Python 2.7.x (Tested, 2.6 may work)
    • Install pip
  • Windows

    (If you use Windows please submit a pull request pointing to resources for this)

    • Install Python 2.7.x (Tested, 2.6 may work)
    • Install pip

Install Passmash

$ [sudo] pip install --src="$HOME/.src" -e git://github.com/timtadh/passmash.git#egg=passmash

Updating

$ [sudo] pip install -U --src="$HOME/.src" -e git://github.com/timtadh/passmash.git#egg=passmash

Setting up the Key File

We recommend the keyfile be random data. The following command generates 512 bytes of data from the unlimited random byte generator.

$ head -c 512 /dev/urandom > ~/.ssh/passmash.key

This command does the same thing but from the slightly more secure limited random byte generator. May be slow.

$ head -c 512 /dev/random > ~/.ssh/passmash.key

Finally, you can use any key length (I recommend 512 bytes as the minimum). This command generates 16384 bytes (16 KB) of data from the unlimited generator.

$ head -c 16384 /dev/urandom > ~/.ssh/passmash.key

Syntax

usage: passmash [options] url 

Options
    -h, help                     Display this message
    -c, clamp=N                  Don't output more than N characters
    -v, version                  Version information

Hashing Algorithm

h = hmac.new(key, password, sha256)
h.update(url)
for i in xrange(250000):
    h.update(h.digest())
return h.digest()