This is a proof-of-concept deterministic mnemonic-based password manager. It uses the seed generated from a mnemonic[2] to provision secrets[1] (for now, passwords). This allows passwords to be synchronized across devices without storing any secrets on third-party servers. After the metadata (password groups, names and details) has been synchronized via third-party servers, the passwords are generated on each new device from the mnemonic entered by the user.
A password manager that stores secrets on a third-party server is not acceptable, but neither is one that does not synchronize the secrets across devices. Using the mnemonic to generate a seed resolves both: the metadata can be safely stored on a third-party server, as it only holds the derivation path, and the secrets themselves are generated from a mnemonic sentence. The mnemonic can be written on a piece of paper or engraved on a metal plate.
Brain wallets (using hashes of words as secrets) are susceptible to dictionary attacks.
The mnemonic at the heart of this password manager is not.
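The flow described above (mnemonic to seed per BIP-39, then hardened BIP-32 derivation along the path held in the metadata), as an added Python example using only the standard library; it is not this project's code. The key-to-password encoding, the `password_for` name and the sample metadata entry are assumptions made for illustration, since secret derivation is not yet formally specified here.

```python
import base64
import hashlib
import hmac
import unicodedata

# secp256k1 group order: BIP-32 private-key arithmetic is done modulo N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000
# Publicly known BIP-39 test-vector mnemonic; never use it for real secrets.
MNEMONIC = "abandon " * 11 + "about"

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic), norm("mnemonic" + passphrase), 2048)

def master_key(seed: bytes):
    """BIP-32 master node: returns (private key, chain code)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return i[:32], i[32:]

def ckd_hardened(key: bytes, chain: bytes, index: int):
    """BIP-32 hardened child: the HMAC input is the parent *private* key."""
    data = b"\x00" + key + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(chain, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + int.from_bytes(key, "big")) % N
    if il >= N or child == 0:  # vanishingly rare; BIP-32 says skip to next index
        raise ValueError("invalid child key, use the next index")
    return child.to_bytes(32, "big"), i[32:]

def derive(seed: bytes, path):
    """Walk a hardened-only path, e.g. [0, 3] for m/0'/3'."""
    key, chain = master_key(seed)
    for index in path:
        key, chain = ckd_hardened(key, chain, index)
    return key

def password_for(seed: bytes, path, length: int = 20) -> str:
    # ASSUMPTION: encoding the child key as URL-safe base64 is this example's choice.
    return base64.urlsafe_b64encode(derive(seed, path)).decode()[:length]

if __name__ == "__main__":
    seed = bip39_seed(MNEMONIC)
    entry = {"name": "example.org", "path": [0, 3]}  # constructed metadata record
    print(entry["name"], password_for(seed, entry["path"]))
```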
- Create working proof of concept
- Define a roadmap
- Formally specify seed generation, secret derivation and metadata exchange format
- Browser integration! https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Native_messaging and https://developer.chrome.com/apps/nativeMessaging will be a good start.
Contributions are welcome! Please remember to run clang-format and clang-tidy before submitting PRs.
Build requirements: cmake, gcc(>=8) or clang(>=6), ncursesw.
Development: all of the above + clang-tidy and clang-format(=6).
$ mkdir build
$ cd build
$ cmake ..
$ make [-j6]
This project requires an ncurses implementation; you can use Homebrew to get one:
$ brew install ncurses
All code outside "external" is licensed under GPLv3.
[1] Bitcoin's [hardened] key derivation BIP-32
[2] Bitcoin's mnemonic deterministic key generation BIP-39