Skip to content

Instantly share code, notes, and snippets.

@ilario
Last active May 17, 2016 14:01
Show Gist options
  • Save ilario/beebafee52a7a4d8cf3b to your computer and use it in GitHub Desktop.
Save ilario/beebafee52a7a4d8cf3b to your computer and use it in GitHub Desktop.
Shell script for generating per-site passwords.
#!/bin/bash
# Passwordz
# Copyright (C) 2016 Ilario Gelmetti <[email protected]>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Shell script (at least works with BASH and ZSH, but not with SH) for generating per-site passwords.
#
# Instructions:
# Launch the script in a terminal (if you have one, otherwise read next section),
# enter a master password (the output is suppressed),
# enter the name of the website you're generating a password for,
# this can include the TLD (e.g. ".com") or not, it's up to you.
# The gray result is actually an alphanumeric string, out of which you can copy a good piece for a password,
# you can select the whole string (19 characters) or just a part of it,
# the numerical index is there only for helping you to select always the same part of the string,
# for example, you could decide to use always the characters from the second to the ninth.
# Now that you have your string you can go to the website and paste the copied text,
# usually you can paste the selected string clicking the middle mouse button/scroll wheel,
# or, if you don't have any scroll wheel, clicking both left and right at the same time,
# otherwise do a normal copy and paste,
# you have maximum 20 seconds of time to do this,
# after this time your X clipboard should be cleared from the string.
# It's wise to concatenate a short string, we could call it a second master password,
# at the end of the copied alphanumeric string,
# so that the password will be a junction of the website-dependent string and this "second master password",
# this is also useful for complying with those annoying websites asking you to (or to not) include punctuation signs,
# for example I use two versions of this "second master password", very similar ones,
# depending on whether the site requires or forbids punctuation signs.
# Finally, if your clipboard has not been automatically cleared after 20 seconds,
# clear it copying some text from somewhere.
#
# If you're not on your computer you can still use this script, it doesn't depend on any local storage,
# you can just download and run this script.
# If you're on some operating system which doesn't provide a shell for running this script,
# you can look on the internet for "SHA512 javascript",
# once found a suitable website, insert as an input your first master password,
# concatenated (without spaces) with the website name you're generating the password for,
# then one round of SHA512 will give you a string which starts with the same alphanumeric stringgiven by this script.
# Beware that doing this procedure in a browser is much less secure than doing it locally in a terminal!
printf "Master password? "; read -s password1;
printf "\n check: $(echo -n "$password1" | sha512sum | head -c 3)";
printf "\nWebsite? "; read website;
grep -qFx $website passwordz-list || { printf "$website\n" >> passwordz-list && printf " **new website: website name added to the list**\n"; };
result=$(printf "$password1$website" | sha512sum | head -c 19);
printf " result: \e[8;37m\e[47m$result\e[m\n";
printf " index: $(seq -s "" 1 9)$(seq -s "" 0 9)\n";
unset password1; unset website; unset result;
sleep 20; reset
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment