A password management tool without storing them. It is Safe and Rememberable.
We all know that using same password everywhere is extremly unsafe because websites cannot be trusted to protect them from hackers. So once one of your passwords is leaked, the other accounts are still safe.
However, it is impossible to remember all passwords for different websites. So there are several solutions for password management, like LastPass, 1Password or KeePass.
But are they really safe? LastPass had been hacked. Keep them local? You must synchronize manually. How can we balance the safety and convenience?
Amaranth provides a simple password management solution. You just need to remember only one password (we call it main password), and set different site id for accounts on different sites (you can directly use the brand name like google or apple). Amaranth will calculate the password for you.
Only you have main password, and site id, Amaranth can calculate correct password for you. If any of this 2 is wrong, Amaranth will provide different password. The benefits of this are that you only need to remember this specific main password IN YOUR BRAIN, and Amaranth can give you any password you need at any devices without synchronization and storage.
So Amaranth is unhackable because it dose not store any of your password. It only provides an algorithm to generate them.
It also comes with different type of password in case there is requirement in websites or services. For example, some website require longer password length (more than 10) but some service (like bank) require PIN as password. Amaranth provides 4 kinds of passwords which is PIN, Short, Classic and Long.
According to HOW SECURE IS MY PASSWORD?, the Long type password needs 3 TRILLION YEARS to crack (2016).
The benifits of using Amaranth:
- Safe, unhackable. Even your computer is stolen, the passwords will never leak.
- Easy to remember. User just need to remember a main password and a rule of site id.
- Main password is only used to generate password, never used in actual websites.
- No need to think a new password for new account.
There is also a shortcoming, if you choose this solution, you need to change your current passwords.
There is a Chrome extension for this. (repo)
This repository is for algorithm. To check it, just
npm install amaranth
and in your nodejs file:
const amaranth = require('amaranth');
const password = amaranth('main password', 'site id', 'Long');
// amaranth(mainPassword, siteId, passwordType);
The Amaranth was tested on node v4.6.0 and v6.7.0, should works on all version of nodejs above v4.6.0.
Currently Amaranth support 4 types of password:
- PIN: 4 digit
- Short: 1 uppercase characters, 2 lowercase characters, 1 digit
- Classic: 2 uppercase characters, 3 lowercase characters, 2 digit, 1 punctuation
- Long: 4 uppercase characters, 6 lowercase characters, 4 digit, 2 punctuation
See LICENSE file.