Skip to content
This repository has been archived by the owner on Sep 14, 2024. It is now read-only.

valpackett/freepass

Repository files navigation

NOTE: this is pretty much abandoned, I recommend Bitwarden now. There is an export command in the CLI that produces CSV suitable for import into Bitwarden.

NOTE: if you've been using freepass before June 03, 2017: you need to checkout the serde-migration git tag, build the CLI, and mergein your vault into a new one using that particular version.

freepass unlicense

The free password manager for power users.

X11 screencast gif

What's going on?

  • A password manager.
  • Based on the Master Password algorithm, generates the same passwords as the Master Password apps.
  • But wait, there's more! Why stop at passwords? It generates...
    • Ed25519 digital signature keys for...
      • OpenSSH: Freepass adds private keys directly to a running ssh-agent & exports public keys in OpenSSH format!
      • signify: Freepass signs files & exports public keys in signify format!
      • TODO SQRL
    • Raw 256-bit keys for symmetric ciphers.
    • TODO BIP39-compatible passphrases.
  • Yes, all of the above is derived from your master password and full name, you can always recover it by entering the same data!
  • The generator settings (site names, counters) are stored in vault files:
    • Serialized into CBOR.
    • Encrypted with NaCl secretbox for each entry + AES for the whole file.
    • (Keys are derived from the master password like the generated passwords.)
    • Every time you save a vault file, its size changes randomly. That's a feature. Some random junk is added to make it a bit harder to count how many passwords you have without opening the file.
  • You can also store passwords and text in these vault files (for stuff that can't be generated).
  • You can merge two vault files (e.g. from sync conflicts).
  • You can import KeePass 2 (kdbx) files.

How?

  • Freepass is written in the Rust programming language and uses libsodium as the crypto library.
  • Very modular code, easy to audit.
    • You can separately check that the core library does everything correctly, and that the user interface passes your data to the core library, not to an evil server.
  • Some parts were written as completely separate Rust crates:
  • Completely free software: public domain / Unlicense.

Where?

Freepass is (going to be) available on different platforms:

  • cli: for UNIX-like systems
  • A desktop GUI and mobile apps will be available in the future.

Each version has its own README!

Contributing

By participating in this project you agree to follow the Contributor Code of Conduct.

The list of contributors is available on GitHub.

License

This is free and unencumbered software released into the public domain. For more information, please refer to the UNLICENSE file or unlicense.org.