pwm

Release 0.1.6

A superlight password manager

Homepage PyPI Python

License
Other
Install
pip install pwm==0.1.6

Documentation

pwm Build Status

A minimal, secure password manager that can't tell on you.

Most password managers use a master password to keep your site-specific passwords safe. This means that you're password database becomes a very precious target; after all, if you lose it, your entire online presence is compromised. But we still don't want to be back in the hell we were when we tried to remember unique passwords for all different sites we used, that's no good solution either - we're humans after all.

So what does pwm do differently? Instead of storing your passwords, it stores some random bytes (often known as a salt) for each of your sites, and when you want to get the access key for a site you simply enter your master password and an identifier for the site (such as the domain, mybank.com or similar), and pwm will generate a key for you to use as a password on that site, without storing it anywhere. Thus, if your database is lost, all that's present in the database is a random string that's without value without your master password.

Indeed, not even your master password is stored anywhere. Give the wrong password and you'll simply get a different key and probably a nice error message from the site where you're trying to authenticate.

Usage

$ pwm search .com
mybank.com
ebay.com
facebook.com

$ pwm get mybank.com
Enter your master password: 'supersecret'
61def4de798453e39d5af289f742eb15827973e7

Installation

From pip:

$ pip install pwm

From source:

$ python setup.py install

Roadmap

The project is very young still, but this is roughly the roadmap we think we'll follow. If you have any ideas or feature requests, shout out!

  • Make it possible to store additional info for a domain (username, notes, etc)
  • Make charsets/lengths customizable on a domain-basis, to cope for domains that doesn't allow long passwords or that require passwords to adhere to a given format (needs special characters or similar)
  • Make it portable enough
  • Make a complementary web interface for the time when you're without your devices and need your passwords

Development

Set up a new virtualenv:

$ virtualenv venv
$ . venv/bin/activate
$ pip install -e .[dev]

Do your stuff, test your code by running nosy, which automatically reruns tests on changes:

$ nosy

Keep test coverage up.

Philosophy

The idea behind pwm is simple; an easy-to-use, secure password manager you'll always have access to. The client is very simple, and can easily be implemented on multiple platforms. The user should always stay in control of the data, there's no dependencies on externally hosted services and no signup or tracking of your usage.

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
1
Total releases
7
Latest release
First release
Stars
2
Forks
4
Watchers
3
Contributors
2
Repository size
818 KB
SourceRank
7

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.1.6
0.1.5
0.1.4
0.1.3
0.1.2
0.1.1
0.1.0

Contributors

Tarjei Husøy Kjell Braden


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-12-15 15:04:40 UTC

Login to resync this project