Hi there,
I want to talk about a project I have in mind: designing a device (with LCD) that can keep all your passwords safely ( offline). I will probably start this soon...
Unlike some already-existing products (like the RecZone) passwords will be stored on a internal SD card: this will
give plenty of space to store passwrds (probably enough for an entire lifetime) and info will be easy to recover in
case the device stops working
Other features:
-possibility of creating backups from SD
-flexible interface with plenty of space for each entry (only limit is the SD's capacity)
-all entries are encrypted with a passphrase that only the device'owner knows
-low consumptions
-the device never connects to outside world
It sounds like this could be an easy and fun project that I could do in few days...
I'm doing some research, and I think the keyboard maybe the most difficult part to design...as it needs
a separate chip to detect keypress and it must be programmed separately..
I'm taking inspiration from an already existing project done by this maker: Electronoobs.com who, in his "Radio
Chat" project, is interfacing Arduino both with an homemade keyboard and a LCD: Radio chat with arduino and keyboard PCB
I'm thinking of using the same components (especially the homemade keyboard ...) but not the transceiver of course!
So these are the components required for this project:
-LCD (probably a 128x64 OLED display or something similar)
-Microcontroller
-2x SD card readers (connected to Arduino via I2C), possibly able to handle large SD cards. One card is for main service, the second one for backup
-a keyboard ( the Electronoob's style)
-an external case (this can be 3D printed, I'm thinking of using the same used in the Radio Chat project)
-a battery, and maybe a charger via usb (again I will follow Electronoob's steps)
I'd separate the project into 2 phases... encryption and everything else. Get everything working how you like without encryption, so it's easy to debug and troubleshoot. You can read and write passwords to standard files, viewable with off-the-shelf tools. Then, figure how to to go about encrypting it and what all is involved with that. Good luck.
I prefer to have my passwords autofilled. Having to type in strong passwords such as Y72#YrjlrPO0CzgM (just a randomly generated password) is pretty annoying, and that's the kind of password I have on most of my logins.
Besides, secure encryption is anything but trivial.
95% is browser, and that's taken care of by LastPass. For just about everything else I can copy/paste passwords from my LastPass vault. 阿里旺旺 is a notable and annoying exception to this.
Had a thought... why not auto-generate passwords based on a regex for the password requirements and a seed generated by some biometric, such as fingerprint? Then grant access based on that same biometric. If in fact, only the regex was stored, would two biometric scans produce identical seeds, making the "memory" the actual finger. The finger is the encryption, storage, and passwords. It would be the hands down the coolest password manager(ok bad pun...)
wvmarle:
Two biometric scans of the same finger do not produce identical results, just results similar enough for the scanner to accept the print.
So, the regular expressions for each password requirement would need to be stored, along with the fingerprint samples, used to verify subsequent scans, and the seed is in the original fingerprint scans, so actual passwords would not require storage.
BTW, does anyone know of a cheap service where you can send STL files and they 3d-print for you?
I'm planning to use the same 3d files of Electronoobs for the case: Homemade Radio chat with arduino and keyboard PCB
How do you plan to create backups of the encrypted password files? This is one of the things I'd be really worried to lose (e.g. due to physical loss or catastrophic failure of the device).
There are two kinds of people in this world... those who make backups, and those who have never lost data.
wvmarle:
How do you plan to create backups of the encrypted password files? This is one of the things I'd be really worried to lose (e.g. due to physical loss or catastrophic failure of the device).
There are two kinds of people in this world... those who make backups, and those who have never lost data.
The GUI will have an option to create backup... It will do nothing more than copy-pasting the passwords from the internal main SD to the backup SD. The backup SD should be kept separated from the device.
Of course passwords will remain encrypted (only with the passphrase you will be able to read the passwords). Making backup isn't strictly mandatory but can be useful to recover in case you lose the device.
The backup SD slot will be easily accessible from a side of the device, while the main SD will be inside and shall be accessed only by unscrewing the back panel
Your local makerspace would be a good starting point... or do a Google search on 3D printing services, and find one either cheap in China or local to you.
wvmarle:
Your local makerspace would be a good starting point... or do a Google search on 3D printing services, and find one either cheap in China or local to you.
Leave the 3D printing until life returns to normal. Get the rest of the project working. Make a temporary case from cardboard - for example from a cereal packet.
