{"id":50537830,"url":"https://github.com/lordbuffcloud/flipper-ck42x-passvault","last_synced_at":"2026-06-12T17:05:46.015Z","repository":{"id":359787116,"uuid":"1247509477","full_name":"lordbuffcloud/flipper-ck42x-passvault","owner":"lordbuffcloud","description":"CK42X PassVault: Flipper Zero field password vault with memorable generator and opt-in HID typing","archived":false,"fork":false,"pushed_at":"2026-05-23T13:26:56.000Z","size":32,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-23T14:13:54.243Z","etag":null,"topics":["badusb","ck42x","fap","flipper-app","flipper-zero","password-generator","ufbt"],"latest_commit_sha":null,"homepage":"https://ck42x.com","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lordbuffcloud.png","metadata":{"files":{"readme":"README.md","changelog":"changelog.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-23T12:12:58.000Z","updated_at":"2026-05-23T13:26:59.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/lordbuffcloud/flipper-ck42x-passvault","commit_stats":null,"previous_names":["lordbuffcloud/flipper-ck42x-passvault"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/lordbuffcloud/flipper-ck42x-passvault","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lordbuffcloud%2Fflipper-ck42x-passvault","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lordbuffcloud%2Fflipper-ck42x-passvault/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lordbuffcloud%2Fflipper-ck42x-passvault/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lordbuffcloud%2Fflipper-ck42x-passvault/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lordbuffcloud","download_url":"https://codeload.github.com/lordbuffcloud/flipper-ck42x-passvault/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lordbuffcloud%2Fflipper-ck42x-passvault/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34253971,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-12T02:00:06.859Z","response_time":109,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["badusb","ck42x","fap","flipper-app","flipper-zero","password-generator","ufbt"],"created_at":"2026-06-03T18:00:23.218Z","updated_at":"2026-06-12T17:05:46.010Z","avatar_url":"https://github.com/lordbuffcloud.png","language":"C","funding_links":[],"categories":["Tools"],"sub_categories":[],"readme":"# CK42X PassVault for Flipper Zero\n\nA CK42X-branded external Flipper Zero app (`.fap`) that stores, generates, and types passwords from the Flipper after explicit confirmation.\n\nWebsite: \u003chttps://ck42x.com\u003e\n\n## Flow\n\n1. First launch: set a master PIN. Existing legacy `vault.tsv` data is migrated into encrypted storage after setup.\n2. Later launches: unlock with the master PIN.\n3. `+ Add New Password`\n4. Enter account name\n5. Enter username\n6. Choose `Generate Password` or `Enter Custom`\n7. For generated passwords, choose a preset:\n   - Memorable 16+ mix\n   - Strict 16+ A/a/0/!\n   - Long 20+ passphrase\n   - No special char\n8. Save entry\n9. Select saved account to view username/password\n10. Press `Inject`, confirm, and the app HID-types the password only\n\n## macOS keyboard setup popup\n\nPassVault uses Flipper's standard HID keyboard typing path. On a fresh macOS target, Keyboard Setup Assistant may appear the first time the Flipper presents as a keyboard. If that happens, cancel or complete the setup dialog once, refocus the password field, and inject again.\n\n## Branding\n\nThe app icon is a Flipper-compatible 10x10 monochrome simplification of the CK42X crowned bee mark from `ck42x.com`. The full source logo reference is preserved in `ck42x_website_bee_crown.png` for provenance.\n\nThe app also includes an `About / ck42x.com` menu item so users can find CK42X after installing the `.fap`.\n\n## Build\n\nFrom this directory:\n\n```bash\n/home/x3y5x/.local/share/venvs/ufbt/bin/ufbt\n```\n\nOutput:\n\n```text\ndist/ck42x_passvault.fap\n```\n\n## Install / launch when Flipper is reachable over USB\n\nFrom WSL if the Flipper is visible there:\n\n```bash\n/home/x3y5x/.local/share/venvs/ufbt/bin/ufbt launch\n```\n\nFrom Windows HERM when the Flipper is physically connected to HERM:\n\n```powershell\nC:\\Users\\lordb\\.hermes\\venvs\\ufbt\\Scripts\\ufbt.exe launch FLIP_PORT=COM9\n```\n\nAdjust `COM9` if Windows assigns a different Flipper CDC port.\n\nIf USB automation is unavailable, copy `dist/ck42x_passvault.fap` to the Flipper SD card under `/ext/apps/Tools/` with qFlipper or another mounted SD path.\n\n## Security note\n\nGenerated passwords use the Flipper RNG and the app checks generated passwords against saved entries before saving, so it will not intentionally create a duplicate generated password already in the vault.\n\nv0.4 stores the active vault in app data as AES-GCM encrypted `vault.pv1` and gates vault access behind a master PIN. The key is derived in-app from the PIN and a per-vault random salt using a compact SHA-256 KDF. A fresh random AES-GCM nonce is used on each save.\n\nIf a legacy plaintext `vault.tsv` exists and no encrypted vault exists, first PIN setup imports it once, saves the encrypted vault, and removes the plaintext file after the encrypted save succeeds.\n\nThis is still a small Flipper utility, not a hardened audited password manager. Device compromise, weak PINs, shoulder surfing, debug access, or modified firmware can still expose vault contents.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flordbuffcloud%2Fflipper-ck42x-passvault","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flordbuffcloud%2Fflipper-ck42x-passvault","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flordbuffcloud%2Fflipper-ck42x-passvault/lists"}