Summary of Password manager
This article describes a DIY password manager project inspired by the Mooltipass but simplified for personal use. The device uses a PIC16LF1454 microcontroller, an OLED display, and emulates a keyboard via USB to input credentials. It features PIN protection, 32KB storage for up to 512 entries, and data encryption using XOR with a pseudo-random number generator. A companion PC application allows users to update stored passwords on Linux and Windows systems.
Parts used in the DIY Password Manager:
- PIC16LF1454 microcontroller
- 128x32 I2C OLED display
- OS USB stack (m-stack)
- USB thumbdrive form factor components
- Flash memory on the microcontroller
- PC application software
I was frustrated by trying to remember my passwords for all my websites and got even more frustrated when i need to change a password again after some months. Dont even to mention the needed complexity of them nowadays. A bit insired by the mooltipass featured on hackaday, but too scared of the complexity and hugeness of it, I decided to roll my own.
Also I’m not a terrorist nor a high placed public person, so I dont need that high encrypted and bulky design. Prolly the NSA would crack this thing in a matter of days (minutes?) but I think it will keep your pr0n logins safe from your little brother ;).
Current design/features:
– Uses the supercheap PIC16LF1454 (+- 1USD/piece) with no need for a XTAL (Clock is derived from USB)
– Uses a small but crystalclear OLED (128×32, I2C).
– Uses an OS USB stack ( http://www.signal11.us/oss/m-stack/ ).
– Emulates a keyboard (HID) for entering usernames or passwords.
– USB thumbdrive footprint.
– Device is protected by a pincode (securely stored in flash on the uC).
– Simple PC application for updating protected storage (currently compiles on linux and windows).
– 32Kbyte storage for usernames/passes (512 username/passes total).
– External storage is XORed with a pseudo RNG (seed of the RNG is not based on the pincode).
For more detail: Password manager
- What microcontroller is used in this project?
The project uses the supercheap PIC16LF1454 which costs around one dollar per piece. - Does the device require an external crystal oscillator?
No, the clock is derived directly from the USB connection without needing a XTAL. - How does the device enter usernames or passwords?
The device emulates a keyboard (HID) to input credentials into the computer. - Can this password manager be updated on Windows?
Yes, the simple PC application currently compiles and runs on both Linux and Windows. - What is the maximum storage capacity for entries?
The device has 32Kbyte storage capable of holding a total of 512 username/password pairs. - How is the data protected on the device?
External storage is XORed with a pseudo RNG, and the device is protected by a securely stored pincode. - Is the seed of the random number generator based on the pincode?
No, the seed of the RNG is not based on the pincode according to the article. - What inspired the creator to build this device?
The creator was frustrated by remembering passwords and inspired by the Mooltipass design found on Hackaday.
