This ia a browser-extension that will enable you to need only one password to login to any website!
This browser-extension will make it unnecessary to remember a lot of passwords.
This browser-extension will make it unnecessary to trust Google, Microsoft or any passwordmanagement-tool with all your userids and passwords.
Looking for the simplest and safest solution to manage your userid's and passwords? You found it!
This browser-extension allows you to use one password for every site! All you have to remember is one short and simple password.
This extension will not store any password at all. Not locally on your pc, not in any cookie, not anywhere online. Your password only gets stored where it belongs: at the site where you are logging into. But that is of no concern to this extension. Never will this extension request any of your passwords, simply because it does not need to and it does not want to.
Every bit of code is out in the open, for everyone to see. No hidden functions or tricks possible. This results in extra security because fully opensource code can get monitored by anyone. This has several security advantages:
- You can follow your password along every step of the way.
- Every single line of code is visible to you. No hidden functions. No surprises.
- Code is publicly available and every change to it is traceble to the programmer
The only code that is executed is in javascript on your own computer. No on-line services, no cloud-applications. No one gets any bit of information about your one-and-only password.
This extension can store per domainname: your userid, a salt, a sequencenumber and a remark. These are all optional.
Also per domain these informational fields: used at, a remark.
This data is stored in the webappsstore.sqlite file in the profile folder of your browser. Usually this file only
available with administrator rights, which is why it is also shown in the extension itself.
Your password gets hashed using the domainname, your userid for this particular site, a sequencenumber, your password and a salt for this domain. Without the salt it would be possible to take the generated password for this site-you-re-trying-to-login-to and find out what your-only-password is. Either by bruteforcing or via rainbowtables. The salt is unknown to the site-you-re-trying-to-login-to un thus makes that impossible.
## Installation ... ### ... in your Chrome-browserOnce we have this added to Chrome's webstore...: Easiest way is to add this extension to your Chrome browser's extensions.
- go to settings
- click on extensions
- at the bottom click on "Add more extensions". This will bring you to the Chrome webstore
Don't trust the ChromeWebStore? Then download this code to any directory on your local pc and follow these steps:
- go to settings
- click on extensions
- check the tickbox next to "Developers modus"
- click on "Load extracted extensions"
- select the directory where you have placed the downloaded code and click "OK"
The icon for this extension should show up at your extension-icons tray, usually next to your url-bar.
If you want to contribute, please do so by solving any of our issues on https://github.com/TimvanSteenbergen/onepasswordforeverysite and commit your changes, create a pull request. Becoming a opfes-contributor you can send an email to [email protected] giving your github-account. I will add you.
- keypass, a standalone project
- lastpass, a Firefox addon