Main Content

This is v1.0 of the PasswordPump, a USB device that manages credentials for up to 254 accounts. Credentials (account names, usernames and passwords) are stored ONLY on the device itself, on two removable EEprom chips using military grade encryption (AES-128). They are not stored in the cloud or in a file on your computer where they are more exposed to hackers. Credentials are backed up on the device itself; i.e. encrypted credentials are moved from the primary EEprom chip to the backup EEprom on demand. You may remove the EEprom chips from the device (perhaps to keep a third or fourth backup). Credentials are entered either via the rotary encoder (on the left) or via keyboard and serial terminal. The device itself is approximately 1 1/8 x 2 3/4 inches, or 29 x 71 millimeters. Currently it’s not housed inside of a case, but it should be and will be once design of the case is complete. A preliminary case design is available here (bottom) and here (top). Once my 3D printer arrives and I assemble it I’ll be perfecting the case design.

Features

Store up to 254 sets of credentials on a single 25LC256 EEprom chip.
Credentials are stored in alphabetical order for easy location. Up to 10 failed attempts to enter the master password are allowed, then an automatic chip wipe and factory reset occurs.
All credentials are encrypted with AES128, the master password is hashed with SHA256.
All encrypted accounts and the hashed master password are salted.
The device is not vulnerable to standard password attacks.
Backups on external EEprom are encrypted.
All credentials can be dumped into a text file for an additional backup (e.g. to a thumb drive that’s stored in a safe or safe deposit box, and encrypted).
Entry of credentials is supported via keyboard and serial terminal or rotary encoder.
Only one master password, up to 14 characters long, is required to access all of your credentials.
Automatic logout after 1 hour of inactivity.
Optional password generation, 31 characters of random letters, symbols and numbers, for extremely strong passwords.
Configure the display of passwords on the device to be on or off.”

Link to article

Related Content