Skip to content

Latest commit

 

History

History
63 lines (46 loc) · 1.99 KB

README.md

File metadata and controls

63 lines (46 loc) · 1.99 KB

Powder - encrypt passwords, store them in text safely

The extension allows to encrypt passwords with a master password.
It enables CodeLens (inline text actions) for any text that looks like:

login:password

Password part can be encrypted, decrypted and copied to clipboard.

Example

Hide Password | Copy Password
test@example.com:password123

↓ Click "Hide Password", enter master password ↓

Unhide Password | Copy Password
test@example.com:AAF5etlyDen/7nX6nbJ5IUY+v/1d5NC3RFMxLxnHhGwRfHOI4cfyQfWtSs41Z6OAdu/Gn78=

Unhide password leads to decryption.
You can copy hidden password, master password is required.

Encryption Details

Standard browser encryption API is used.
AES-GCM 256 bit is used for the payload.
Both the master password and the payload are salted with 196 bit of different random data.

Encrypted data format is a base64 value of:

  • 1 byte starting mark = 0
  • 1 bytes version mark
  • 12 bytes password salt
  • 12 bytes payload salt
  • N>0 byte payload, which contains:
    • length of data as a string
    • '\0' separator
    • payload

Development

Contribution is welcome!

To start development:

  • install yarn;
  • clone the repository;
  • run yarn command to install packages;
  • press F5 to test and debug;
  • create PR after

Roadmap

  • Handle errors on incorrect password
  • Improve regex
  • Encryption of all the login/password pairs in a file with one command
  • Improving payload length handling
  • More compact encrypted line without damaging encryption strength

Additionally:

  • Associate with .pwd, make option to enable extension for these files only?
  • Copy login?
  • Should we also enable login encryption?
  • What else can we encrypt?
  • Powder mode - change Hide Password/Unhide Password with Powder/Unpowder