The free password manager for power users

Overview

NOTE: this is pretty much abandoned, I recommend Bitwarden now. There is an export command in the CLI that produces CSV suitable for import into Bitwarden.

NOTE: if you've been using freepass before June 03, 2017: you need to checkout the serde-migration git tag, build the CLI, and mergein your vault into a new one using that particular version.

freepass unlicense

The free password manager for power users.

X11 screencast gif

What's going on?

  • A password manager.
  • Based on the Master Password algorithm, generates the same passwords as the Master Password apps.
  • But wait, there's more! Why stop at passwords? It generates...
    • Ed25519 digital signature keys for...
      • OpenSSH: Freepass adds private keys directly to a running ssh-agent & exports public keys in OpenSSH format!
      • signify: Freepass signs files & exports public keys in signify format!
      • TODO SQRL
    • Raw 256-bit keys for symmetric ciphers.
    • TODO BIP39-compatible passphrases.
  • Yes, all of the above is derived from your master password and full name, you can always recover it by entering the same data!
  • The generator settings (site names, counters) are stored in vault files:
    • Serialized into CBOR.
    • Encrypted with NaCl secretbox for each entry + AES for the whole file.
    • (Keys are derived from the master password like the generated passwords.)
    • Every time you save a vault file, its size changes randomly. That's a feature. Some random junk is added to make it a bit harder to count how many passwords you have without opening the file.
  • You can also store passwords and text in these vault files (for stuff that can't be generated).
  • You can merge two vault files (e.g. from sync conflicts).
  • You can import KeePass 2 (kdbx) files.

How?

  • Freepass is written in the Rust programming language and uses libsodium as the crypto library.
  • Very modular code, easy to audit.
    • You can separately check that the core library does everything correctly, and that the user interface passes your data to the core library, not to an evil server.
  • Some parts were written as completely separate Rust crates:
  • Completely free software: public domain / Unlicense.

Where?

Freepass is (going to be) available on different platforms:

  • cli: for UNIX-like systems
  • A desktop GUI and mobile apps will be available in the future.

Each version has its own README!

Contributing

By participating in this project you agree to follow the Contributor Code of Conduct.

The list of contributors is available on GitHub.

License

This is free and unencumbered software released into the public domain. For more information, please refer to the UNLICENSE file or unlicense.org.

Comments
  • thread panic with interact subcommand

    thread panic with interact subcommand

    To reproduce:

    cd freepass/cli
    cargo build --release
    strip target/release/freepass 
    mv target/release/freepass /usr/local/bin
    RUST_BACKTRACE=1 freepass interact
    

    Expected output: interactive repl displayed Actual output:

    thread 'main' panicked at 'Option file not found', src/main.rs:139:16                       
    stack backtrace:
       0: <unknown>
       1: <unknown>
       2: <unknown>
       3: <unknown>
       4: <unknown>
       5: <unknown>
       6: <unknown>
       7: <unknown>
       8: <unknown>
       9: <unknown>
      10: __libc_start_main
      11: <unknown>
    

    Notes: help subcommand works though, so that's helpful.

    opened by nothingnesses 3
  • Compilation on rustc 1.12.1 and 1.14.0-nightly fails

    Compilation on rustc 1.12.1 and 1.14.0-nightly fails

    Doing a cargo update before cargo build leads to the following error:

    Compiling freepass-core v0.0.0 (file:///some/path/freepass/core)
    error[E0053]: method `lookup` has an incompatible type for trait
       --> some/path/freepass/core/src/attachments.rs:121:6
        |
    121 |      fn lookup(&mut self, _req: &Request, parent: u64, name: &Path, reply: ReplyEntry) {
        |      ^ expected struct `std::ffi::OsStr`, found struct `std::path::Path`
        |
        = note: expected type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::ffi::OsStr, fuse::ReplyEntry)`
        = note:    found type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::path::Path, fuse::ReplyEntry)`
    
    error[E0053]: method `mknod` has an incompatible type for trait
       --> /some/path/freepass/core/src/attachments.rs:226:6
        |
    226 |      fn mknod(&mut self, _req: &Request, parent: u64, name: &Path, mode: u32, _rdev: u32, reply: ReplyEntry) {
        |      ^ expected struct `std::ffi::OsStr`, found struct `std::path::Path`
        |
        = note: expected type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::ffi::OsStr, u32, u32, fuse::ReplyEntry)`
        = note:    found type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::path::Path, u32, u32, fuse::ReplyEntry)`
    
    error[E0053]: method `mkdir` has an incompatible type for trait
       --> /some/path/freepass/core/src/attachments.rs:235:6
        |
    235 |      fn mkdir(&mut self, _req: &Request, parent: u64, name: &Path, mode: u32, reply: ReplyEntry) {
        |      ^ expected struct `std::ffi::OsStr`, found struct `std::path::Path`
        |
        = note: expected type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::ffi::OsStr, u32, fuse::ReplyEntry)`
        = note:    found type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::path::Path, u32, fuse::ReplyEntry)`
    
    error[E0053]: method `create` has an incompatible type for trait
       --> /some/path/freepass/core/src/attachments.rs:243:6
        |
    243 |      fn create(&mut self, _req: &Request, parent: u64, name: &Path, mode: u32, flags: u32, reply: ReplyCreate) {
        |      ^ expected struct `std::ffi::OsStr`, found struct `std::path::Path`
        |
        = note: expected type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::ffi::OsStr, u32, u32, fuse::ReplyCreate)`
        = note:    found type `fn(&mut attachments::Attachments, &fuse::Request<'_>, u64, &std::path::Path, u32, u32, fuse::ReplyCreate)`
    
    error: aborting due to 4 previous errors
    
    error: Could not compile `freepass-core`.
    
    To learn more, run the command again with --verbose.
    

    Steps to reproduce

    git clone https://github.com/myfreeweb/freepass.git
    cd freepass
    git submodule update --init libsodium rusterpassword
    cd "cli"
    cargo update
    cargo build --release
    
    opened by mokasin 3
  • Consider 0.x.y version numbers

    Consider 0.x.y version numbers

    For making distro packages, it would be great if you could provide some kind of version incrementing. Having '0.0.0' for every published version doesn't reflect any differences in the builds. If you follow semver, the 0.x.y releases are fine for an unstable product.

    opened by mokasin 3
  • Consider dual licensing

    Consider dual licensing

    Not all legislations allow releasing code to the public domain, nor recognize the UNLICENSE as valid. To solve this, you should consider dual licensing your project. This would allow the user to choose which license to use. Maybe a possible alternative is the MIT license (see https://github.com/BurntSushi/fst, which is dual-licensed under MIT and the UNLICENSE).

    See this stack exchange question for details about the problems with UNLICENSE.

    opened by aochagavia 2
  • Running/Building freepass broken with latest libsodium release.

    Running/Building freepass broken with latest libsodium release.

    From the most recent libsodium CHANGELOG:

    • The aes128ctr primitive was removed. It was slow, non-standard, not authenticated, and didn't seem to be used by any opensource project.

    Updating my system broke freepass so I've had to build an older copy of libsodium to deal with this for the time being.

    opened by Reisen 1
  • Counter must be 1 to follow spec.

    Counter must be 1 to follow spec.

    The spec on the master password website mistakenly declared '0' as the default counter value. As per this issue it is confirmed that none of the algorithms implemented in the official applications use 0. While It's annoying to have to change passwords, I think it is better to update to the actual behaviour of master password applications. Fixes issue #5 if merged.

    opened by Reisen 1
  • rust 2018 edition warning

    rust 2018 edition warning

     cargo build --release
    warning: An explicit [[bin]] section is specified in Cargo.toml which currently
    disables Cargo from automatically inferring other binary targets.
    This inference behavior will change in the Rust 2018 edition and the following
    files will be included as a binary target:
    *freepass/cli/src/main.rs
    
    This is likely to break cargo build or cargo test as these files may not be
    ready to be compiled as a binary target today. You can future-proof yourself
    and disable this warning by adding `autobins = false` to your [package]
    section. You may also move the files to a location where Cargo would not
    automatically infer them to be a target, such as in subfolders.
    
    For more information on this warning you can consult
    https://github.com/rust-lang/cargo/issues/5330
    warning: path `/freepass/cli/src/main.rs` was erroneously implicitly accepted for binary `freepass`,
    please set bin.path in Cargo.toml
    
    

    Not a problem when compiling, but thought it would help to note this behavior.

    opened by ghost 0
  • Master Password Algorithm produces Different Output

    Master Password Algorithm produces Different Output

    I tried to generate a password which I am using from freepass in the master password app. The README says that freepass generates the same passwords, but while I get the same output on both the android master password app and the web based master password app, the output from freepass is different for the same settings. Trying here for example.

    Update: Seems master password uses a counter of '1' for the first password, wheras freepass does not. In the web app, you can clear the counter field to be empty to get the same output as freepass. In the mobile apps, the counter cannot be unset in this way and so cannot generate the first password that freepass does. Not sure if this is something that should be fixed. Making freepass start at '1' will annoy anyone already using it, on the other hand, if you're already using master password, you now have to increment the counter for every password you add to freepass.

    opened by Reisen 0
  • please add compiled version with description

    please add compiled version with description

    i checked the released tab but you only have "serde-migration". i wanted to use it but i need to compile it? it would be much nicer to just have it built.

    opened by jaroslaw-weber 1
  • Support for SSH private key print.

    Support for SSH private key print.

    Right now I can print the public key from freepass, or add the private key to ssh-agent. Are there any plans to allow printing the private key as well? I want to be able to export the keys for use but right now I have to do it in a round about way. Is this an option you are considering adding?

    opened by Reisen 3
Owner
stars ≠ requests for spam
null
🐴 RusTOTPony — CLI manager of one-time password generators aka Google Authenticator

?? RusTOTPony CLI manager of time-based one-time password generators. It is a desktop alternative for Google Authenticator. Installation Arch Linux Pa

German Lashevich 23 Jan 5, 2023
A simple password manager written in rust

Passman - A password manager written in rust. How to use?: USAGE: passman option Currently available options are: new - initalize passman with a new m

Strawkage 7 Aug 26, 2021
A simple password manager written in Rust

ripasso A simple password manager written in Rust. The root crate ripasso is a library for accessing and decrypting passwords stored in pass format (G

Joakim Lundborg 550 Dec 30, 2022
A password manager coded in rust

pasman A password manager coded in rust Install Dependency rust Shell git clone https://github.com/AMTitan/pasman.git cd pasman cargo build --release

Arthur Melton 4 Nov 8, 2021
A lightning-fast password generator and manager written in Rust

Passlane A lightning-fast password manager for the command line Features Generate passwords Place the generated password into the clipboard Save previ

Anssi Piirainen 4 Dec 15, 2022
A terminal-based password manager, generator, and importer/exporter (Firefox, Chrome) backed with a concurrent hashmap

rucksack A terminal-based password manager, generator, and importer/exporter (Firefox, Chrome) backed with a concurrent hashmap Features Password gene

null 6 Jan 18, 2023
CLI password manager with encryption: AES256, Salsa20 and Chacha20, with cross platform and exclusive features

Keep My House (CLI) CLI password manager with encryption: AES256, Salsa20 and Chacha20, with cross platform and exclusive features Features AES256 GCM

null 4 Sep 7, 2023
A Password Manager Using age for Encryption

A Password Manager Using age for Encryption Contents Features Usage Install Import from pass How It Works Features It is inspired by pass. senior's fe

Retirement Home 3 Nov 2, 2023
Crypto in, power out

Cipo Crypto in, power out Cipo makes it easy to let users pay for electricity for their camper-van, electric cars, boat, caravan and other high load c

Jonny Heggheim 9 Dec 9, 2022
Harness the power of signify(1) to sign arbitrary git objects

git-signify A tool to sign arbitrary objects in a git repository. Generating keys Signing keys can be generated with signify, from the OpenBSD project

Tiago Carvalho 3 Jul 27, 2023
🤖CyberAI is designed to bridge the world of Cyberpunk 2077 and the power of OpenAI's AI technology.

CyberAI ?? Welcome to the CyberAI project! This plugin for Cyberpunk 2077 enables integration between the videogame and OpenAI API, opening a world of

Kirill Kuzin 19 Jul 28, 2023
A high performance blockchain kernel for enterprise users.

English | 简体中文 What is CITA CITA is a fast and scalable blockchain kernel for enterprises. CITA supports both native contract and EVM contract, by whi

CITAHub 1.3k Dec 22, 2022
A high performance blockchain kernel for enterprise users.

English | 简体中文 What is CITA CITA is a fast and scalable blockchain kernel for enterprises. CITA supports both native contract and EVM contract, by whi

CITAHub 1.3k Dec 22, 2022
An implementation of the OPAQUE password-authenticated key exchange protocol

The OPAQUE key exchange protocol OPAQUE is an asymmetric password-authenticated key exchange protocol. It allows a client to authenticate to a server

Novi 178 Jan 9, 2023
Master Password in Pure Rust

Master Password •••| This is the Rust version of the original found here. This can be used as a drop-in replacement for the reference C version, offer

Rust India 34 Apr 13, 2022
A Rust port of the password primitives used in Django Project.

Rust DjangoHashers A Rust port of the password primitives used in Django Project. Django's django.contrib.auth.models.User class has a few methods to

Ronaldo Ferreira 52 Nov 17, 2022
A safe implementation of the secure remote password authentication and key-exchange protocol (SRP), SRP6a and legacy are as features available.

Secure Remote Password (SRP 6 / 6a) A safe implementation of the secure remote password authentication and key-exchange protocol (SRP version 6a). Ver

Sven Assmann 10 Nov 3, 2022
Ruo is a dictionary-based password cracker written in rust 🦀 .

Ruo is a dictionary-based password cracker written in rust ?? . The primary purpose is to crack weak hashes/commonly used passwords.

Asjid Kalam 10 Mar 6, 2022
A password entropy calculator.

paspio — pasvorta entropio A (naive) password entropy calculator. Refrain from using this as a sole measure of password strength, it should be used in

Aziz Ben Ali 3 Mar 8, 2022