🔑 Welcome to my Password Manager App.
This app makes it easy for you to:
- Add your passwords
- See your added passwords
- Generate / Create passwords for you
- Filter Search through your passwords
All of these are done with the pycryptodome and cryptography module, to make sure everything is secure. By making use of these modules no lambda person will be able to access your encrypted data.
General way of working: An Access Password (AP) that you create will be your key 🔑 to all of your saved password 🏠. Without this AP, none of your password will be readable! All the password that you will add will be encrypted using a key which is derived from your AP, using Fernet, base64.urlsafe_b64encode, ...
Status: ▰▰▰▰▰▰▰▰▰▰ 100%
Note
Two other version of the project exist, but are not finished & not expected to be worked on in the near feature. The terminal version is finished and complete.
- web-engine-integration: uses PySide6
WebEngineWidgetsfor the frontend (WIP). - standard-pyside-gui: uses standard PySide6
Layouts,Widgets, ... for the frontend (WIP). Won't be worked on any longer. - Each version has their own README. Click on the branch you wish to visit above to see the project itself.
-
This app is 100% python based. To launch it as a normal python script, you need python3.x to be installed on your device.
-
Once done, you will need to install some modules, simply run
pip install -r requirements.txt- if
pipdoesn't work, try usingpip3
-
Download and unzip the files in a chosen folder. We will call it
.../MDPSaver-master/ -
Go into the app folder:
cd MDPSaver-master/ -
You should see all the python scripts, open a terminal in that folder and type
python MDPSaver.pyorpython3 MDPSaver.py- If you have any issue like:
FileNotFoundErrorModule not found, ...
- Make sure you opened a terminal IN the
.../MDPSaver-master/.folder! It should look like:X:\...\MDPSaver-master\>python MDPSaver.py
- If you have any issue like:
- The program should be running! Each time you want to launch MDPSaver, you need to repeat step 4 and 5!
- If you have any problem using the app, contact me on Discord:
gaecko
Tip
You can quite easily add GitHub syncing on Linux + global var to launch the app:
-
Create a git repository and add the project content in it
-
Create a new file
pull.shin the project folder with content:(cd $1 && git pull > /dev/null 2>&1)
- Allow user to execute it:
sudo chmod +x pull.sh
- Allow user to execute it:
-
Create a new file
push.shin the project folder with content(cd $1 && git pull > /dev/null 2>&1 && git add . > /dev/null 2>&1 && git commit -m "Managed Passwords" > /dev/null 2>&1 && git push > /dev/null 2>&1)
- Allow user to execute it:
sudo chmod +x push.sh
- Allow user to execute it:
-
In
MDPSaver.py, insert after line30the following code:if __name__ == "__main__": # this is line 30 print(Fore.BLUE + "Git syncing ......", end=" ") base_dir = os.path.dirname(os.path.abspath(__file__)) os.system(os.path.join(base_dir, f"./pull.sh {base_dir}")) print(Fore.GREEN + "\t✓") print(Fore.BLUE + "Launching ........", end=" ") sleep(0.5) print(Fore.GREEN + "\t✓") sleep(1) # ... Rest of the program
-
Still in
MDPSaver, insert after line+-445: (depends on version of the project, look forif choice == 8)if choice == 8: # this is approximately line 445 base_dir = os.path.dirname(os.path.abspath(__file__)) print(Fore.BLUE + "Git syncing ......", end=" ") os.system(os.path.join(base_dir, f"./push.sh {base_dir}")) print(Fore.GREEN + "\t✓") # ... Rest of the program
Be careful with the indentation :).
-
cdto the root folder of your system. You need to accessbin/folder to add the MDPSaver global var. -
In
~/bin/, create a fileMDPSaverwith contentpython3 /../../home/USER/path_to_project/MDPSaver.py
-> Where
USERis your username on Linux, andpath_to_projectthe path to your git folder. You might need to usesudo touch MDPSaverand thensudo vim MDPSaver. -
Give the autorisation to execute the file with
sudo chmod +x MDPSaver
-
You can now launch the program from anywhere, by running
MDPSaver. If you need any more help to make it work:gaeckoon Discord.
Warning
The exe version is running on an old version. If you want to have the latest version, consider using the Python Version
- Here is a video on how to install MDPSaver (Easy Method). The
.exefile is located in the first release.
Or follow these steps:
- Download and extract (unzip) the files.
- Go into the exe folder:
./MDPSaver-master/MDP_EXE/ - Righ click on
MDPSaver.exeand create a shortcut to it - Rename and move the shortcut on your desktop
- Double click on the shortcut which is on your desktop, if a red window opens up, click on
more informationand theninstall anyway
- Check the video if you have any trouble! You can also contact me on discord:
gaecko
- If you used last version of MDPSaver, here is a video on how to update your old data to the new MDPSaver.
Warning
This works only for the exe version. For the script version, you need to launch updator.py within MDPTools. Other steps are equivalent to the one in the video.
Here is a walkthrough of the app
- This is the Main Menu in which you can access all of the app functionnalities.
-
You can easily access your already saved password by typing one in the main menu:
-
You can then:
- Type the number corresponding to the password
- Type a keyword which will display corresponding password
- Type + or last password number + 1 to directly access "Add a password"
- Press enter to leave
-
If you reach a saved password:
-
You can then:
- Reveal the password
- Delete the password
- Change the password
- Change the username / email
- Go back
- To add a password, type 2 in the main menu:
- You can then add the Site, Username / email and the password
- The app can also generate Random Password for you. This can be usefull when signing up on new website/ ...
- The app lets you directly add the generated password to your saved password
- 4 ways of generation:
- Weak: only letters + numbers | size 8~12
- Medium: letters + numbers + symbols | size 10~20
- Strong: long + letters + numbers + symbols | size 15~25
- Custom: with(out) symbols + with(out) numbers | custom size
- Filter search allows you to filter and list passwords with specific information:
- Email - Username: list all sites that have that email - username in use
- Password: list all sites that have that password in use
- Email - Username: list all sites that have that email - username in use
- If needed, you can change your Username:
- If needed, you can change your Access Password:
- You will need to recreate a question and answer!
- You can access a tutorial:
- To properly exit the program, just type 7:
- If you are using the .exe version, the cmd window might close.
- You can access some deep app setting by typing 8:
- You can then:
- Hard Reboot Everything (reset everything)
- Delete all password (reset data.txt)
- Reset personnal data (this means that you will need to reconfigure the app, new AP, new question, ... If you use the same AP your password won't be lost, but it's kind of risky...)
- This menu should only be used if you plan on testing things with the code or if you have issues with the program and that loosing your password doesn't afraid you.
-
Here is a schema on the security system:
-
Something I kept in mind during the project was to have a program wich was quick and simple. Starting the project I used an encode and decode function which turned out to have major security troubles, as there was an already known way on how to crack them. I then switched to an official security system (
Fernetfromcryptography, allied withpycryptodome), that I used with a key which was direved using the Access Password. That way, and with 380 000 iterations, each saved password is encrypted and safe. -
But how about speed ? Well after hours spent on data managing and improved encryption, I now have a system which is fast enough to ensure fluent usage.
-
If you want to test speed by yourself:
.\MDPSaver-master\MDPSaver-master\MDP_APP>python SpeedTest.py- You will be asked how many password you want to test with, just wait a bit and some results should be displayed!
-
Result (could be influenced by the machine you use):
- High security system with no improvement:
- High security system with improvement:
- High security system with no improvement:
- High security system with improvement:
-
I used to save password this way:
``` encrypted site 1 | encrypted username 1 | encrypted password 1 encrypted site 2 | encrypted username 2 | encrypted password 2 encrypted site 3 | encrypted username 3 | encrypted password 3 ... ```It was then easy to decrypt using
string.split(" | ")and thendecrypt(AP, string[0]), ....I then simplified the process by directly encrypting the whole phrase, including the " | ". That made the encrypting and decrypting 3x faster.
I would have something like this:
encrypt(AP, site + " | " + username + " | " + password)To then first
string = decrypt(AP, whole phrase)and thenstring.split(" | "). -
I then figured out that the long processus of encrypting and decrypting was due to the key creation. This key is derived using the AP and is each time exactly the same. So, instead of creating for each encryption / decryption a key (which is each time the same), I would simply save it once into a program variable and re-used it for each encryption / decryption. That avoided 380 000 iterations each time.
-
To sum up, I went from:
(3 encryption / decryption per password ) * 380 000 * numbers of password -> 3 * 380 000 * n = 1 140 00 iterations per passwordTO
380 000 + ((1 encryption / decryption per password) * numbers of password) -> = 380 000 + n iterations for all of the password!That's how it went from
78 msper password to0.24 ms, so about325xquicker! Of course, as the key is loaded once, you can add / load passwords thousand of times, in the same instance of the program, and you will have almost no encryption / decryption time.
-
The new functionnality won't be added to the .exe version, as it would require to recompile the whole program.
-
Also, as you can see within the python files:
################################################################################################# # | Author: Arthur De Neyer - GaecKo # # | Last update: Check github (https://github.com/GaecKo/MDPSaver) # # # # ======= ⚠ DISCLAIMER ⚠ ====== # # | This code is not suitable for professional use. As of the current state of the code, this # # whole program is not sustainable and thus deprecated. # # # # | If you wish to rebuild the program, feel free to do it and I'll check the PR! # # # #################################################################################################
This means that I won't work on this project anymore. I might add some new features, but I won't work on the existing code itself.