Using the same password on different platforms can be a security risk, but remembering different passwords, used for different accounts, can be quite the task too especially with the need to infuse special characters and numbers, and the fact that you may not use some of the passwords regularly enough for them to become easy to remember.
To help keep track of all these, Dan Murphy has designed a USB- based device that is capable of storing up to 250 sets of credentials, that are encrypted with AES-256 encryption, which makes gaining access to the credentials nearly impossible.
The new device called, PasswordPump 2.0, removes the need to store your credentials in the cloud or on a file where an attack could easily leave you exposed.
It is based on the Adafruit ItsyBitsy M4 and includes; a pair of removable EEPROM chips, an I2C OLED display (128 x 32), and a rotary encoder, all stacked on a custom PCB. The credentials are stored on the first EEPROM chip and backed up on the secondary for added security.
The device allows users to enter their credentials using several methods, including; the rotary encoder, the keyboard, via the serial terminal, or via the PasswordPump Python-based GUI, which was explicitly developed for this purpose.
The PasswordPump 2.0 offers a myriad of features, which are as provided by Murphy:
- Store up to 250 sets of credentials
- Authenticate with a 15 character master password
- Search for accounts
- Data entry via rotary encoder or keyboard and serial monitor, or via client Python GUI running in Windows, Ubuntu, or MacOS.
- Send username and password as if typed in via keyboard. Can also send URL, old password and account name.
- Add account name, username, password (generated or not), URL, old password
- Accounts added in alphabetical order
- Edit existing username, password, URL, style (inter-username/password character, Return or Tab), old password