Paw: a cross platform application to manage your passwords and identities securely

Paw

Paw

Paw is a cross platform application to manage your passwords and identities securely.

It is written in Go and uses Fyne as UI toolkit and age as encryption library.

Screenshot

Paw screenshot

Main goals

  • Cross platform application (linux, macOS, Windows, BSD ...) with a single codebase
  • Open source: code can be audited
  • Only one secret key to remember used to store securely your passwords

Later goals

  • Audit passwords against data breach
  • Automatically detect and use password rules for known web sites that require ones
  • Automatic backup / syncronization
  • CLI application
  • Mobile / Web applications
  • Password import
  • Stateless password derivation support
  • Unicode password support

Installation

go install lucor.dev/paw/cmd/paw@latest

How it works - cryptography details

Vault initialization

One or more vaults can be initialized to store passwords and identities.

When the vault is initialized user will be prompt for a vault name and password that are used for:

  • generate an age Scrypt Identity and Recipient used to decrypt/encrypt the vault data;
  • derive a symmetric secret key with Scrypt used as seed for the random password generation;

Random password

Random password are derived reading byte-by-byte the block of randomness from a HKDF cryptographic key derivation function that uses the seed above as secret. Printable characters that match the desired password rule (uppercase, lowercase, symbols and digits) are then included in the generated password.

Custom password

Where a generated password is not applicable a custom password can be specified.

Vault structure

Vault internally is organized hierarchically like:

- vault
    ├── website
    |    └── www.example.com
    |    └── my.site.com
    ├── password
    |    └── mypassword
    └── note
         └── mysecretnote

where website, password and note are the Paw items, see the dedicated section for details.

Items

Items are special templates aim to help the identity management.

Currently the following items are available:

  • note
  • password
  • website

Threat model

The threat model of Paw assumes there are no attackers on your local machine.

Contribute

  • Fork and clone the repository
  • Make and test your changes
  • Open a pull request against the develop branch

Contributors

See contributors page

Owner
Luca Corbo
Luca Corbo
https://github.com/lucor/paw https://lucor.dev/paw
Similar Resources

Cross-platform, multi-server chat app built using Fyne

Cross-platform, multi-server chat app built using Fyne

Fibro Really early days proof of concept for a cross-platform multi-server chat. Feel free to play, but don't expect it to do much! Features Multiple

Sep 10, 2022

cross-platform library for sending desktop notifications

Golang-Toast cross-platform library for sending desktop notifications Installation go get

Nov 24, 2022

A fast, high performance Cross-platform lightweight Nat Tracker Server,

A fast, high performance Cross-platform lightweight Nat Tracker Server,

NatTrackerServer A fast, high performance Cross-platform lightweight Nat Tracker Server suport IPv4 and IPv6 Tracker Server protocol 1、get NAT public

Apr 15, 2022

ClashWebLite is a cross-platform lightweighted wrapper for Clash Premium on Desktop environment.

ClashWebLite is a cross-platform lightweighted wrapper for Clash Premium on Desktop environment.

ClashWebLite ClashWebLite is a cross-platform lightweighted wrapper for Clash Premium on Desktop environment. http://127.0.0.1:9090/ui: Features Suppo

Dec 29, 2022

Send email and SMS broadcasts to your contacts. SMS are sent via your Android phone connected to your PC.

Polysender Send email and SMS broadcasts to your contacts. Polysender is a desktop application, so it does not require a complicated server setup. Ema

Aug 11, 2022

Go-grpc-template - A small template for quickly bootstrapping a, developer platform independent gRPC golang application

Go-grpc-template - A small template for quickly bootstrapping a, developer platform independent gRPC golang application

go-grpc-template A small template for quickly bootstrapping a developer platform

Jan 20, 2022

Go-db-connection-api - API REST in Go that connect to SQL DB and manage task of projects

Go Todo REST API Example A RESTful API example for simple application with Go It

Jan 26, 2022

Cross check makes health checks on PostgreSQL and MySQL database servers

Cross Check Cross check makes health checks on PostgreSQL and MySQL database servers, it also performs master & slave control for clusters in H/A Acti

Jan 14, 2022

Wrapper around bufcli to make it do cross-repo compiles for private repos and use full paths.

Wrapper around bufcli to make it do cross-repo compiles for private repos and use full paths.

Bufme A tool for compiling protos with full directory paths and cross repo compiles. Introduction Protocol buffers rock, but protoc should die in a fi

Feb 5, 2022
Comments
  • Support showing website favicons

    Support showing website favicons

    Is your feature request related to a problem? Please describe:

    It is often faster to look for something visual (shapes, colours and so on) than to read the text. Because of this, a lot of password manager allow showing the website favicons/icons for login items.

    Is it possible to construct a solution with the existing API?

    I believe so. Might require, or be good, to have some sort of caching so that favicons doesn't have to be downloaded from the websites every time the application loads. I don't know if just storing the cache unencrypted on disk is a good idea though, seems like an easy way for someone to read all the user's logins.

    Describe the solution you'd like to see:

    Showing a favicon for the login item, instead of a generic website icon (if the website i question has one).

  • ui: add a settings view

    ui: add a settings view

    Is your feature request related to a problem? Please describe:

    The Paw settings are hardcoded, having the possibility to customize them would improve the UX

    Is it possible to construct a solution with the existing API?

    Yes

    Describe the solution you'd like to see:

    Add a Settings view that can be showed using a menu entry

  • paw: add TOTP and HTOP support

    paw: add TOTP and HTOP support

    Adding support for TOTP and HTOP will allow to store the secret used to generate the 2FA codes for websites that supports it. Additionally we could display the TOTP code directly in Paw. A later feature could be to display the QR to allow import into 2FA application like FreeOTP, Google Authenticator, Authy ecc...

  • ui: mobile support

    ui: mobile support

    Fyne applications are able to run on mobile devices out of the box. By the way the current UI has been developed and tested mainly on linux. Test and fix, if needed, the UI on mobile.

Related tags
Network paw
🌐 (Web 3.0) Pastebin built on IPFS, securely served by Distributed Web and Edge Network.
 🌐 (Web 3.0) Pastebin built on IPFS, securely served by Distributed Web and Edge Network.

pastebin-ipfs 简体中文 (IPFS Archivists) Still in development, Pull Requests are welcomed. Pastebin built on IPFS, securely served by Distributed Web and

Jan 1, 2023
Cross-poster - A cross-posting tool for golang
 Cross-poster - A cross-posting tool for golang

How to start cp config.example.json config.json update config in config.json Bui

Feb 19, 2022
Simple application in Golang that retrieves your ip and updates your DNS entries automatically each time your IP changes.

DNS-Updater Simple application in Golang that retrieves your ip and updates your DNS entries automatically each time your IP changes. Motivation Havin

Mar 10, 2022
Brook is a cross-platform strong encryption and not detectable proxy. Zero-Configuration. Brook 是一个跨平台的强加密无特征的代理软件. 零配置.

Brook 中文 v20210401 [GUI] Block list(Ad Block) Bypass & Block rule [GUI] Forward DNS [GUI] OpenWrt GUI client [GUI] Fake DNS [CLI] $ brook tproxy Scrip

Jan 4, 2023
🖥️ Fast, modern and cross-platform SSH client
 🖥️ Fast, modern and cross-platform SSH client

??️ Fast, modern and cross-platform SSH client Installation Build from source Requirements for building the project from source: Node 16 Go >= 1.17 Wa

Mar 20, 2022
A cross-platform, decentralized, chat app based on SaltyIM for functionality and GioUI for UI

This project is shifted at https://git.mills.io/saltyim/app Salty UI A cross-platform, decentralized, chat app based on SaltyIM for functionality and

Aug 30, 2022
Pure-Go library for cross-platform local peer discovery using UDP multicast :woman: :repeat: :woman:
 Pure-Go library for cross-platform local peer discovery using UDP multicast :woman: :repeat: :woman:

peerdiscovery Pure-go library for cross-platform thread-safe local peer discovery using UDP multicast. I needed to use peer discovery for croc and eve

Jan 8, 2023
Cross platform gRPC client
 Cross platform gRPC client

Cross platform gRPC client Features Automatic parsing of proto definitions to render services and input messages .proto file discovery Selection of mu

Jan 4, 2023
Packiffer is a lightweight cross-platform networking toolkit that let you sniff/analyze/inject/filter packets.
 Packiffer is a lightweight cross-platform networking toolkit that let you sniff/analyze/inject/filter packets.

Packiffer is a lightweight cross-platform networking toolkit that let you sniff/analyze/inject/filter packets.

Dec 19, 2022
Cross platform local network clipboard sync.

clipSync Synchronize clipboard content across multiple devices. Features Rapidly synchronize clipboard content to all devices in same local network. S

Jan 3, 2022