{"id":13567782,"url":"https://github.com/pashword/pashword","last_synced_at":"2025-04-04T02:33:21.382Z","repository":{"id":49927580,"uuid":"494147866","full_name":"pashword/pashword","owner":"pashword","description":"šŸ”’ Pashword - Never forget passwords ever again! Free and Open Source Hashed Password Generator","archived":false,"fork":false,"pushed_at":"2024-05-02T09:01:59.000Z","size":30893,"stargazers_count":280,"open_issues_count":5,"forks_count":26,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-11-04T23:35:08.640Z","etag":null,"topics":["pashword","password","password-generator","password-manager","security"],"latest_commit_sha":null,"homepage":"https://pashword.app","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pashword.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.MD","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-05-19T16:26:39.000Z","updated_at":"2024-10-25T21:11:20.000Z","dependencies_parsed_at":"2024-01-21T21:12:46.314Z","dependency_job_id":"96fa9288-7a2f-4db9-9c23-bb62bc5671b2","html_url":"https://github.com/pashword/pashword","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pashword%2Fpashword","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pashword%2Fpashword/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pashword%2Fpashword/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pashword%2Fpashword/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pashword","download_url":"https://codeload.github.com/pashword/pashword/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247111664,"owners_count":20885481,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["pashword","password","password-generator","password-manager","security"],"created_at":"2024-08-01T13:02:43.091Z","updated_at":"2025-04-04T02:33:20.482Z","avatar_url":"https://github.com/pashword.png","language":"TypeScript","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n**For updates, questions and more:** \n\n\u003ca href=\"https://t.me/iamnayam\"\u003e\n\u003cimg src=\"https://user-images.githubusercontent.com/25067102/209297095-a3db856f-b760-40bb-a68e-f3a3086e18c7.png\" height=\"150px\" /\u003e\n\u003c/a\u003e\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n# Pashword šŸ”’\n**FOSS Hashed Password Generator**\\\nPasswords done right\n\n\u003cimg src=\"/public/og-image.png\"\u003e\n\n# šŸ”’ https://pashword.app šŸ”’\n# šŸ”’ [Browser Extension](https://github.com/pashword/extension/) šŸ”’\n\n\u003c/div\u003e\n\n# Benefits šŸš€\nāœ” Works offline\\\nāœ” No data stored\\\nāœ” Impossible to crack\\\nāœ” Cryptographically secure\\\nāœ” Never forget your passwords\\\nāœ” Generate passwords on the go\\\nāœ” Same password for same input\\\nāœ” A single key to generate unique passwords\\\nāœ” Progressive Web App, install on any device\\\nāœ” Unique strong passsword for every account\\\nāœ” Can only be generated by the key owner, nobody else\n\n[Pashword.app has verifiable deployments. This means that what you see here is the exact same code that's being used on pashword.app, nothing added, nothing ripped.](https://github.com/pashword/pashword/deployments/activity_log?environment=Production)\n\nDesktop and Mobile apps coming soon!\n\n# The WHAT šŸ˜³\nPashword is a hashed password generator that does away with the need to remember passwords. Pashword generates a unique strong password for every single one of your accounts but these passwords aren't just random like the rest of the 91244 other password generators. They are personalized and constant.\n\n# The HOW šŸ¤”\nIn a nutshell, Pashword is more of a password calculator than a generator. It's kinda like doing the following: `Website + Username + Secret Key = Unique Password`. Since username and secret key are unique, Pashword is able to generate a strong password made just for you and nobody else can generate it because they'll never know the details you put in it.\n\nNot only does this mean that you won't ever forget how to generate the pashword, but since Pashword generates a password based on the details you put in, your password will remain constant. You can always generate it back when you forget it and you don't even need to remember it! All of this while not storing any data, not connecting to an external server or service. All of this takes place on your device, safe and secure using world-class one-way encryption algorithms.\n\n# Algorithm šŸ‘Øā€šŸ’»\nThe Pashword algorithm has been extensively documented with comments. You can read the [pashword.ts](https://github.com/pashword/pashword-lib/blob/main/src/helpers/pashword.ts) file to know more about it.\n\n## Algorithmic Considerations\nThe algorithm generates unique random passwords that always contain symbols, lowercase letters, uppercase letters and numbers. This gives Pashword the ability to generate strong passwords while being cryptographically secure in implementation.\n\n1. At no point is user data saved or sent to a remote server.\n2. Userdata is hashed (but I'm calling this encryption on the webapp for easy understanding, so one-way-encryption) first using SHA3-512 and then using scrypt algorithm the second time. This is to ensure maximum bruteforce and dictionary attack protection even with ASICs. This is why scrypt, which is memory and CPU hard algorithm was chosen for the job. You can read more about scrypt [here](https://en.wikipedia.org/wiki/Scrypt).\n3. SHAKE-256 is used as a CSPRNG.\n4. 256 bit random number is then used to generated indices for where each character in the password goes.\n5. The scrypt output is used as the seed for SHAKE CSPRNG. Big Endian byte order is used to convert the 32 bytes into 256 bit big integer.\n7. Entropy is as high as possible and suitable for the supposed threat model of Pashword.\n8. To highlight again, during any process, no data is stored in any kind of database or cache. Everything happens in realtime and is deleted once user resets the state.\n\nHere's a rough diagram of how `pashword.ts` works:\n\u003cimg src=\"/algorithm_illustration.png\"\u003e\n\n# Development šŸ§°\n\nOpen terminal and enter the following commands:\n```bash\n# Clone the repository\ngit clone https://github.com/pashword/pashword.git\n\n# Change Directory\ncd pashword\n\n# Install dependencies\nnpm install\n\n# Run development server\nnpm run dev\n```\n\n# Self-hosting šŸ¤³\n## Docker\nCompose file is included in the project :)\nor you can pull from Docker Hub\n```\ndocker pull nayamamarshe/pashword\n```\n\n## Vercel\n1. Fork this repository.\n2. Sign up on https://vercel.com\n3. Import your forked Pashword repository and enjoy!\n\n\n# FAQ\nPlease [Read the FAQ](https://pashword.app/#faq) for any security questions or doubts about Pashword.\n\n# Credits ā™„\n\nThis obviously wouldn't have been possible without the people who helped me with the code review and suggested new ideas for the algorithm. I'm deeply grateful to have an army of big brain people who contributed to the completion of this project. Thanks to nsrCodes, TGS963, dsx724, coyotium and everybody else who helped me with this project :)\n\nSpecial Thanks to Jake Lees (@brocococonut) for their amazing contributions!\n\n#\n\u003cdiv align=\"center\"\u003e\n\n**Made by Nayam Amarshe**\\\nPashword Ā© 2022\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpashword%2Fpashword","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpashword%2Fpashword","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpashword%2Fpashword/lists"}