This repository was archived by the owner on Apr 17, 2022. It is now read-only.

postboy/cpwd2

cpwd 2.0 — tiny and handy password manager

cpwd is a simple, stateless password manager. You enter a master key and the name of an account (e.g. "gmail"), wait a few seconds, and cpwd generates a password for that account and places it in your clipboard. You can reuse the same master key for all your accounts, and cpwd will generate a different strong password for every account. Every time you want to log in, just launch cpwd and enter the same master key and account name. Simple! Useful!

cpwd is a C port of npwd by Nadim Kobeissi, but as of version 2.0 it is not compatible with the original. If you need a version compatible with npwd, look at cpwd!

Benefits

  1. Memorize a single master key, but still get a different strong password for every account.
  2. Quick and easy command-line access.
  3. Copies the password straight to the clipboard, then clears the clipboard automatically after 15 seconds.
  4. Doesn't store anything: no password databases to manage.

Usage

  1. Run cpwd ([-r] [-m]) [%account_name%], e.g. cpwd, cpwd twitter, cpwd -r, cpwd -r reddit. Adding -r runs cpwd in registration mode, where you enter the master key twice to avoid typing errors. This is very useful when you're registering or changing a password somewhere. Adding -m runs cpwd in migration mode, where you first get the npwd-compatible password and then the new cpwd2 password from the same master key and for the same account name. This mode was made specifically for migration from npwd and old versions of cpwd. Adding %account_name% lets you skip entering the account name in dialog mode.
  2. Enter your master key (hidden, same for all accounts).
  3. In a few seconds, your password for that account is in your clipboard. The clipboard is cleared automatically after 15 seconds for security.

Notes

  1. A weak master key ruins everything. Your master key should have at least 8 characters and contain lowercase and uppercase letters, numbers and special symbols.
  2. cpwd offers essentially the same functionality as npwd plus some new features. cpwd gives you maximum speed, while npwd is much easier to install. cpwd is written in C, while npwd is written in JavaScript and thus depends on Node.js and npm.
  3. Key derivation is done with scrypt; the account name acts as the salt. Parameters: N = 2^17 = 131072, r = 8, p = 1, L = 16. Binary data is encoded using a modified ASCII85 algorithm, so generated passwords contain 20 symbols drawn from uppercase and lowercase English letters, numbers and special symbols.
  4. Account names are lowercased automatically for usability. "GitHub" == "github".
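
The derivation described in notes 3 and 4, as an added sketch that is not cpwd's own code (Python is used because its standard library ships scrypt; cpwd itself is C). Assumptions: the master key and account name are encoded as UTF-8, and plain fixed-width Ascii85 stands in for cpwd's modified ASCII85, which the README does not specify, so the output will not match real cpwd passwords.

```python
import hashlib

# scrypt parameters as stated in the README's Notes section.
N, R, P, DKLEN = 2**17, 8, 1, 16


def encode85(data: bytes) -> str:
    """Fixed-width base-85: every 4-byte word becomes 5 characters '!'..'u'.

    Assumption: stand-in for cpwd's modified ASCII85, which the README
    does not specify.
    """
    if len(data) % 4:
        raise ValueError("length must be a multiple of 4 bytes")
    out = []
    for i in range(0, len(data), 4):
        word = int.from_bytes(data[i:i + 4], "big")
        digits = []
        for _ in range(5):
            word, d = divmod(word, 85)
            digits.append(chr(33 + d))
        out.extend(reversed(digits))
    return "".join(out)


def derive_password(master_key: str, account: str, n: int = N) -> str:
    """Derive the per-account password; nothing is stored anywhere."""
    # Lowercase so "GitHub" == "github"; UTF-8 encoding is an assumption.
    salt = account.lower().encode("utf-8")
    if not salt:
        raise ValueError("account name must not be empty")
    # OpenSSL refuses to run if the working set exceeds maxmem
    # (default 32 MiB); N = 2^17 with r = 8 needs about 128 MiB.
    maxmem = 128 * R * (n + P + 2) + (1 << 20)
    raw = hashlib.scrypt(master_key.encode("utf-8"), salt=salt,
                         n=n, r=R, p=P, maxmem=maxmem, dklen=DKLEN)
    return encode85(raw)  # 16 bytes -> 20 characters


if __name__ == "__main__":
    key = "constructed-Master-Key-1!"  # constructed sample, not a real secret
    for name in ("gmail", "GitHub", "github"):
        print(name, derive_password(key, name))
```

The salt is the account name and therefore not secret, so the master key's strength and scrypt's cost parameters are the only protection, which is why note 1 matters.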

Platforms

  • Linux (tested)
  • Mac OS X, OpenBSD and other UNIXes (not tested, but probably supported)
  • Windows and other OSes (you may need to do some porting work)

Installation

  1. Run git clone https://github.com/postboy/cpwd2.git to download the repository.
  2. Build cpwd. On *nix systems with GCC you can do this by running the build.sh script.
  3. Linux/OpenBSD only: install the xclip package for clipboard support (you can use the xsel package as well, just edit main.c a bit).

Tips on cpwd launching speed-up

  1. On *nix: add the lines alias p='/path/to/./cpwd2', alias r='/path/to/./cpwd2 -r' and alias m='/path/to/./cpwd2 -m' to your .bashrc file to add three commands to your shell: p launches cpwd in normal mode, r launches cpwd in registration mode and m launches cpwd in migration mode.
  2. On Windows: to launch cpwd faster via p, r and m commands in cmd, you can create three batch scripts in a directory that is listed in the output of the path command in cmd: p.bat containing the line @echo off && call "C:\path\to\cpwd.exe", r.bat containing the line @echo off && call "C:\path\to\cpwd.exe" -r and m.bat containing the line @echo off && call "C:\path\to\cpwd.exe" -m.

Tips on cpwd computing speed-up

  1. Check whether your processor supports SSE (on *nix just run grep sse /proc/cpuinfo). If it does, compile against crypto_scrypt-sse.c instead of crypto_scrypt-nosse.c (and if you use GCC, add the flag -march=native).
  2. Enable optimization in your compiler. If you use GCC, you can do it with the flags -march=native (compile just for the current processor) plus -O1 (recommended) or -O2 or -O3 (not recommended). Test them all and use whichever works best for you.

See also

  1. cpwd version 1.
  2. My posts in Russian about the first and second versions of this project.
  3. npwd — imagine cpwd with very easy installation, but maybe not that fast :) The cpwd version compatible with npwd is here.
  4. jkalbhenn's password manager is essentially the same project, but started more than two years before this one.
  5. kyle is a similar project, but started about 1.5 years before this one.

Related work

  1. Password Multiplier, which uses iterated hashing, 2005.
  2. PwdHash, which uses hashing and is much less secure, 2005.
  3. Usability study and critique of PwdHash and Password Multiplier.
  4. Janus Personalized Web Anonymizer, 1997, and its successor, Lucent Personalized Web Assistant, 1998, both using hashing, are early examples of such a password manager.
  5. Password manager without a password manager, which was broken, 2012.

License

cpwd itself is licensed under GPL v3, but uses scrypt 1.1.6, licensed under BSD 2-Clause, and btoa 4.0 and GCC Poison, which are public domain. Commands for working with the clipboard are taken from node-copy-paste.

Author

Zuboff Ivan // anotherdiskmag on gooooooogle mail