PassVault
What Is It?
It is a command-line password manager, for educational purposes, that stores localy, in AES encryption, your sensitives datas in a SQlite database (.db). This project was made to learn more about cryptography and not for intended for actual use. This software is used at your own risks. It is provided as is and I (including any contributors) do not take any responsibility for any damage or loss done with or by it.
Installation
Clone this repository: git clone https://github.com/vlHan/PassVault or download zip
- Enter the folder:
cd PassVault/ - Install python3
-
Linux
sudo apt-get install python3chmod +x *python3 -m pip install -r requirements.txt- Finished!
-
Windows and Mac
- Python 3, download and install
python -m pip install -r requirements.txt- Finished!
-
Usage
After installing, use the following command to install the dependecies and run the program.
$ python3 run.py
Or you can manually install the dependecies and run:
$ pip3 install -r requirements.txt
$ python3 run.py
How It Works
- After running you need to create your master password. This master password will be the key to indenty if the user is actually you, be sure you have saved, because the master password is unrecoverable.
- Follow the steps and answer the inputs, these informations will be saved.
After following the steps, the code will store your datas, encrypted in AES encryption, that comes from a python library pycryptodome, in a SQlite file. To authenticate the user, they are prompted to create a master password (that is also used to decrypt data) which is then stored using HMAC autentication code (that use SHA3_512 Hash Function for the digest mod). Whenever the user is prompted to verify their master password, the password they enter is compared to the hash of the stored master password and access if granted if the two hashes match.
if os.path.isfile('db/info.json'): # verify if the master password is created
with open("db/info.json", 'r') as f: # read the salt stored in the file
jfile = json.load(f)
self.master_pw = getpass.getpass('Enter your master password: ') # ask the master password
h = hmac.new(self.master_pw.encode(), msg=str(jfile["Informations"]["salt"]).encode(), digestmod=hashlib.sha3_512).hexdigest() # use HMAC and encrypt in sha3_512 HASH Function
if h == jfile["Informations"]["master_password"]: # compare with the hash of the master password
...
Author and Contributor
 @vlHan |
 @carvalinh0 |
|---|
Shoutouts
- @carvalinh0 for helping me in the AES encryption.
All notable changes to this project will be in project changelog
Contributing
If you want to contribute see guidelines for contributing.
License
This project is under the MIT License.
1 Nov 2, 2022
3 Dec 6, 2021
4 Jan 27, 2022
5 Oct 8, 2022
165 Dec 21, 2022
70 Jun 21, 2022
3 Dec 30, 2021
22 Dec 27, 2022
65 Nov 17, 2022
135 Dec 14, 2022
57 Dec 16, 2022
14 Dec 23, 2022
14 Nov 11, 2022
10 Nov 19, 2022
1 Nov 24, 2022
1 Jan 11, 2022
6 Sep 22, 2022
17 Dec 22, 2022
2 Dec 24, 2021
21 Dec 27, 2022
5 May 18, 2022
49 Nov 09, 2022
57 Oct 03, 2022
![Risky [ Zero Tow ]](https://avatars.githubusercontent.com/u/76860656?v=4&s=60)
7 Dec 25, 2022
2 Jun 23, 2022
114 Dec 26, 2022
10 Dec 28, 2021
867 Dec 22, 2022
5 Aug 25, 2022