Thread: Colby's Secure Password Manager

Page 1 of 3 123 LastLast
Results 1 to 10 of 24
  1. #1 Colby's Secure Password Manager 
    Banned

    Join Date
    Jul 2008
    Age
    28
    Posts
    5,827
    Thanks given
    1,301
    Thanks received
    197
    Rep Power
    0
    I made this to store my passwords. (Yes I'm actually going to use it) It's secure, as it uses an MD5 encryption. The only way to get the valid password is by changing the byte values with the actual one.

    The passwords are stored in:
    C:\\Program Files\\Colby's Password Manager\\
    You set a master password that is able to decrypt all stored passwords.
    Basically, you can set it so if you type "rune-server" to print out your rune-server password. It supports adding and deleting saved passwords, setting a new master password, and theres a reset command to reset all saved passwords.

    The only downside is that passwords cannot contain these characters:
    / \\ * : ? \" < > |
    Since each one it stored in a file name.

    Remember, to prevent possible corruption, always exit using the "exit" command.

    Direct download of precompiled .jar: (Just double click the batch)
    http://www.mediafire.com/?ytmyntmyoyd

    Type "help" to list all commands:
    Code:
            System.out.println("Here is a list of commands:");
            System.out.println("- Type \"get\" to get a previously stored password.");
            System.out.println("- Type \"set\" to set a new password to store.");
            System.out.println("- Type \"setmaster\" to set a new master password.");
            System.out.println("- Type \"exit\" to exit.");
            System.out.println("- Type \"reset\" to delete ALL passwords.");
            System.out.println("- Typr \"delete\" to delete a single password.");
    
            System.out.println("Other stuff:");
            System.out.println("- Keywords cannot conatin any of the following: / \\ * : ? \" < > |");
    Code:
    import java.io.BufferedReader;
    import java.io.BufferedWriter;
    import java.io.File;
    import java.io.FileReader;
    import java.io.FileWriter;
    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException;
    import java.util.Scanner;
    
    /**
     * Stores passwords.
     * @author Colby
     */
    public class PasswordStorage {
    
        public static void main(String[] args) throws Exception {
            System.out.println("Welcome to Colby's Password Manager.");
            System.out.println();
    
            if (isFirstRun()) {
                System.out.println("This is the first time you have run this application.");
                System.out.println("In the future, please enter \"help\" for a list of commands.");
                System.out.println("Please enter a master password: ");
                String newMaster = in.nextLine();
                new File(STORE + "FIRSTRUN").mkdirs();
                setMasterPassword(newMaster);
                System.out.println();
            }
    
            validate();
            System.out.println();
    
            while (true) {
    
                System.out.println("Please enter a command: ");
                String command = in.nextLine();
    
                if (command.equalsIgnoreCase("help")) {
                    displayHelp();
    
                } else if (command.equalsIgnoreCase("get")) {
                    getPassword();
    
                } else if (command.equalsIgnoreCase("set")) {
                    setPassword();
    
                } else if (command.equalsIgnoreCase("setmaster")) {
                    setMasterPassword();
    
                } else if (command.equalsIgnoreCase("delete")) {
                    deletePassword();
    
                } else if (command.equalsIgnoreCase("reset")) {
                    resetProgram();
    
                } else if (command.equals("exit")) {
                    System.out.println("Goodbye!");
                    System.exit(0);
    
                } else {
                    System.out.println("Invalid command. Type \"help\" for a help.");
                }
    
                System.out.println();
            }
        }
    
        public static void resetProgram() throws Exception {
            System.out.println("WARNING! This feature will erase ALL saved passwords and the master password.");
            System.out.println("Type \"yes\" to delete all passwords, or \"no\" to abort.");
            String input = in.nextLine();
            if (input.equalsIgnoreCase("yes")) {
                File[] files = new File(STORE).listFiles();
                for (File f : files) {
                    System.out.println("Deleting: " + f.getName());
                    f.delete();
                }
                System.out.println("All files delted!");
                System.out.println();
                main(new String[0]);
    
            } else {
                System.out.println("Aborted.");
            }
        }
    
        public static void deletePassword() {
            System.out.println("Please enter the keyword associated with the password you wish to delete:");
            String keyword = in.nextLine();
            File store = new File(keyword);
            if (store.exists()) {
                System.out.println("Sucessfully deleted password storage for: " + keyword);
    
            } else {
                System.out.println("Invalid keyword.");
            }
        }
    
        public static boolean isFirstRun() {
            return !new File(STORE + "FIRSTRUN").exists();
        }
    
        public static void setPassword() throws Exception {
    
            BufferedWriter storeFile = null;
            try {
                System.out.println("Enter the keyword you wish to be associated with the new password:");
                String keyword = in.nextLine();
                if (keyword.length() < 1) {
                    System.out.println("Invalid keyword.");
                    return;
                }
    
                storeFile = new BufferedWriter(new FileWriter(STORE + keyword));
    
                System.out.println("Please enter a password for this keyword: ");
    
                char[] newPassword = in.nextLine().toCharArray();
                char[] masterPassword = PasswordStorage.masterPassword.toCharArray();
                for (int i = 0, i2 = 0; i < newPassword.length; i++, i2++) {
                    if (i2 == masterPassword.length - 1) {
                        i2 = 0;
                    }
                    newPassword[i] += masterPassword[i2];
                }
    
                storeFile.write(new String(newPassword));
                System.out.println("Password sucesfully set!");
    
            } finally {
    
                if (storeFile != null) {
                    storeFile.flush();
                    storeFile.close();
                }
            }
        }
    
        public static void getPassword() throws Exception {
    
            BufferedReader storeFile = null;
            try {
                System.out.println("Please enter the keyword related to the password:");
                String keyword = in.nextLine();
                File store = new File(STORE + keyword);
                if (store.exists() && !store.isDirectory()) {
                    storeFile = new BufferedReader(new FileReader(store));
                    char[] encodedPassword = storeFile.readLine().toCharArray();
                    char[] masterPassword = PasswordStorage.masterPassword.toCharArray();
    
                    for (int i = 0, i2 = 0; i < encodedPassword.length; i++, i2++) {
                        if (i2 == masterPassword.length - 1) {
                            i2 = 0;
                        }
                        encodedPassword[i] -= masterPassword[i2];
                    }
    
                    System.out.println("Password to " + keyword + " is: ");
                    System.out.println(new String(encodedPassword));
                    return;
                }
    
                System.out.println("Invalid keyword!");
    
            } finally {
    
                if (storeFile != null) {
                    storeFile.close();
                }
            }
        }
    
        public static void setMasterPassword() throws Exception {
            System.out.println("Please enter a new master password: ");
            setMasterPassword(in.nextLine());
        }
    
        public static void validate() throws Exception {
    
            for (int tries = 0; tries < 5; tries++) {
                System.out.println("Please enter the master password: ");
                if (validPassword(in.nextLine())) {
                    System.out.println("Password validated! Welcome.");
                    return;
                }
    
                System.out.println("Incorrect password! " + (4 - tries) + " attemps left.");
            }
    
            System.exit(0);
        }
    
        public static void displayHelp() {
            System.out.println("Here is a list of commands:");
            System.out.println("- Type \"get\" to get a previously stored password.");
            System.out.println("- Type \"set\" to set a new password to store.");
            System.out.println("- Type \"setmaster\" to set a new master password.");
            System.out.println("- Type \"exit\" to exit.");
            System.out.println("- Type \"reset\" to delete ALL passwords.");
            System.out.println("- Typr \"delete\" to delete a single password.");
    
            System.out.println("Other stuff:");
            System.out.println("- Keywords cannot conatin any of the following: / \\ * : ? \" < > |");
        }
    
        public static void setMasterPassword(String newPassword) throws Exception {
    
            BufferedWriter storeFile = null;
            try {
                storeFile = new BufferedWriter(new FileWriter(STORE + "MASTER"));
                storeFile.write(new String(compute(newPassword)));
    
            } finally {
    
                if (storeFile != null) {
                    storeFile.flush();
                    storeFile.close();
                }
            }
    
            System.out.println("New master password set!");
        }
    
        public static boolean validPassword(String password) throws Exception, NoSuchAlgorithmException {
            masterPassword = password;
    
            BufferedReader storeFile = null;
            try {
                storeFile = new BufferedReader(new FileReader(STORE + "MASTER"));
    
                String actualMD5 = storeFile.readLine();
                String attemptMD5 = compute(password);
    
                return actualMD5.equals(attemptMD5);
    
            } finally {
    
                if (storeFile != null) {
                    storeFile.close();
                }
            }
        }
    
        private static String compute(String input) throws NoSuchAlgorithmException {
            byte[] md5Bytes = MessageDigest.getInstance("MD5").digest(input.getBytes());
            StringBuffer hexValue = new StringBuffer();
    
            for (byte element : md5Bytes) {
                int val = element & 0xff;
                if (val < 16) {
                    hexValue.append("0");
                }
                hexValue.append(Integer.toHexString(val));
            }
    
            return hexValue.toString();
        }
        public static String masterPassword;
        public static Scanner in = new Scanner(System.in);
        public static final String STORE = "C:\\Program Files\\Colby's Password Manager\\";
    }
     

  2. #2  
    Registered Member Killer 99's Avatar
    Join Date
    Dec 2007
    Posts
    1,480
    Thanks given
    171
    Thanks received
    503
    Rep Power
    414
    how is this secure?
     

  3. #3  
    Banned

    Join Date
    Jul 2008
    Age
    28
    Posts
    5,827
    Thanks given
    1,301
    Thanks received
    197
    Rep Power
    0
    Quote Originally Posted by Killer 99 View Post
    how is this secure?
    MD5's.
     

  4. #4  
    Registered Member Killer 99's Avatar
    Join Date
    Dec 2007
    Posts
    1,480
    Thanks given
    171
    Thanks received
    503
    Rep Power
    414
    Quote Originally Posted by Colby View Post
    Lemme explain it.

    Say your master password is "master". It is stored in a file, but it's encrypted using itself as a key. It's converted to a char[] and subtracted from itself, so when it's stored it;s encrypted. Other passwords are stored the same way, using the master as a key.

    EDIT: OMG GLITCH.. You could just x2 the stored master password.. Lemme fix that.
    so the "encryption" logic is...:

    c = d*2

    and decryption...:

    d = c/2
     

  5. #5  
    Banned

    Join Date
    Jul 2008
    Age
    28
    Posts
    5,827
    Thanks given
    1,301
    Thanks received
    197
    Rep Power
    0
    Quote Originally Posted by Killer 99 View Post
    so the "encryption" logic is...:

    c = d*2

    and decryption...:

    d = c/2
    Replaced that logic with MD5.
     

  6. #6  
    Registered Member Killer 99's Avatar
    Join Date
    Dec 2007
    Posts
    1,480
    Thanks given
    171
    Thanks received
    503
    Rep Power
    414
    that was for your master password, not the sub passwords.
     

  7. #7  
    Banned

    Join Date
    Jul 2008
    Age
    28
    Posts
    5,827
    Thanks given
    1,301
    Thanks received
    197
    Rep Power
    0
    Okay, just used MD5 for the master. So obvious lol.
     

  8. #8  
    Banned

    Join Date
    Jul 2008
    Age
    28
    Posts
    5,827
    Thanks given
    1,301
    Thanks received
    197
    Rep Power
    0
    Quote Originally Posted by Gnarly View Post
    Whats wrong with this?

    Code:
    import java.util.Random;
    
    /**
     * Secure Password Generator
     * 
     * @author Gnarly
     */
    public class PasswordGenerator {
    
    	private static final int PASSWORD_LENGTH = 32;
    
    	private static final char VALID_CHARS[] = { 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' };
    
    	public static void main(String[] args) {
    		while (true) {
    			System.out.println(generatePassword(PASSWORD_LENGTH));
    			try {
    				Thread.sleep(150);
    			} catch (InterruptedException e) {
    				e.printStackTrace();
    			}
    		}
    	}
    
    	private static String generatePassword(int length) {
    		StringBuilder stringBuilder = new StringBuilder();
    		for (int i = 0; i < length; i++) {
    			stringBuilder.append(VALID_CHARS[randomInteger(1, VALID_CHARS.length) - 1]);
    		}
    		return stringBuilder.toString();
    	}
    
    	private static int randomInteger(final int min, final int max) {
    		int n = Math.abs(max + 1 - min);
    		return Math.min(min, max + 1) + (n == 0 ? 0 : (new Random()).nextInt(n));
    	}
    
    }
    Did you even read ANY of the post or code? It has NOTHING to do with generating random passwords..
     

  9. #9  
    Programmer, Contributor, RM and Veteran




    Join Date
    Mar 2007
    Posts
    5,147
    Thanks given
    2,656
    Thanks received
    3,731
    Rep Power
    5000
    md5 isn't reversible.

    EDIT: I see now, it just merges your password + the master password together.
    .
     

  10. #10  
    Registered Member Killer 99's Avatar
    Join Date
    Dec 2007
    Posts
    1,480
    Thanks given
    171
    Thanks received
    503
    Rep Power
    414
    yeah, what if i just make my own program to use the master password file and then im in...this isnt secure.
     

Page 1 of 3 123 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


User Tag List

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •