The extension allows to encrypt passwords with a master password.
It enables CodeLens (inline text actions) for any text that looks like:
login:password
Password part can be encrypted, decrypted and copied to clipboard.
Hide Password | Copy Password
test@example.com:password123
↓ Click "Hide Password", enter master password ↓
Unhide Password | Copy Password
test@example.com:AAF5etlyDen/7nX6nbJ5IUY+v/1d5NC3RFMxLxnHhGwRfHOI4cfyQfWtSs41Z6OAdu/Gn78=
Unhide password leads to decryption.
You can copy hidden password, master password is required.
Standard browser encryption API is used.
AES-GCM 256 bit is used for the payload.
Both the master password and the payload are salted with 196 bit of different random data.
Encrypted data format is a base64 value of:
- 1 byte starting mark = 0
- 1 bytes version mark
- 12 bytes password salt
- 12 bytes payload salt
- N>0 byte payload, which contains:
- length of data as a string
- '\0' separator
- payload
Contribution is welcome!
To start development:
- install
yarn; - clone the repository;
- run
yarncommand to install packages; - press
F5to test and debug; - create PR after
- Handle errors on incorrect password
- Improve regex
- Encryption of all the login/password pairs in a file with one command
- Improving payload length handling
- More compact encrypted line without damaging encryption strength
Additionally:
- Associate with .pwd, make option to enable extension for these files only?
- Copy login?
- Should we also enable login encryption?
- What else can we encrypt?
- Powder mode - change Hide Password/Unhide Password with Powder/Unpowder