password-manager-resources
evilpass
| password-manager-resources | evilpass | |
|---|---|---|
| 19 | 2 | |
| 4,021 | 6 | |
| 0.3% | - | |
| 7.6 | 0.0 | |
| 23 days ago | about 7 years ago | |
| JavaScript | Python | |
| MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
password-manager-resources
-
Don't Fuck with Paste
Even Apple was so annoyed at this themselves that they actually went for a full open-source open-for-contributions GitHub repository at https://github.com/apple/password-manager-resources to get around these issues.
> Many password managers generate strong, unique passwords for people so that they aren't tempted to create their passwords by hand, which leads to easily guessed and reused passwords. Every time a password manager generates a password that isn't compatible with a website, a person not only has a bad experience but a reason to be tempted to create their password. Compiling password rule quirks helps fewer people run into issues like these while also documenting that a service's password policy is too restrictive for people using password managers, which may incentivize the services to change.
-
Ask HN: Where's the website that shows password requirements for other sites?
Check out https://github.com/apple/password-manager-resources
-
Suggestion: Collect every website possible info about how long could be a password on that site and suggest the longest possible password for it
Apple has already created the database for this and made it open source: https://github.com/apple/password-manager-resources
- I’m really sick of keychain password suggestion NOT WORKING on more than half the internet. WHY!!
-
I hate password rules!
Something like this?
-
what is the most practical password length?
Password rules are really all over the place. Based on the sampling available on Apple's password rules database, seems that the majority of sites would accept a 12-character password (although ironically, most websites that restrict the password to be shorter than 12 characters seem to be banks...).
-
Easily move all your passwords from Bitwarden to iCloud Keychain
There are still some things in Keychain that feel stupid. For example, Keychain won't merge https://www.google.co.uk and https://www.google.com accounts into one and you can't do it by yourself, and it will even warn about duplicated passwords for these two websites — that's very stupid especially because Apple maintains open database for password managers which solves the problem of alias domains. But that's the most annoying thing for me.
-
YouTubePluginReplacement.cpp: YouTube-specific code in WebKit
https://github.com/apple/password-manager-resources/blob/mai...
For being "quite obscure", I've at least heard of most of these sites before. Banks with "maxlength: 8", you love to see it.
-
Why does Apple’s “Strong Password” not meet most websites’ criteria
FWIW, Apple asks users to tell them the password requirements to websites they notice the "Strong Password" feature doesn't work correctly.
-
How to use iCloud Keychain, Apple's built-in and free password manager
The password complexity rule set is open source, you can contribute requirements for specific sites: https://github.com/apple/password-manager-resources
evilpass
-
Don't Fuck with Paste
Tangential at best, but this project made me think of evilpass, which is the funniest password validation scheme ever!
It probably does increase security, but it also gives the impression of actively hacking you.
https://github.com/kitzin/evilpass
-
"Would you like to know what your old password was?" This actually happened to me from a F500 company...
"Your password must not be the same as your Twitter password. Please try again."
What are some alternatives?
security.txt
plaintextoffenders - https://plaintextoffenders.com offenders list
foundationdb - FoundationDB - the open source, distributed, transactional key-value store
winget-pkgs - The Microsoft community Windows Package Manager manifest repository
hummingbird - Hummingbird compiles trained ML models into tensor computation for faster inference.
coremltools - Core ML tools contain supporting tools for Core ML model conversion, editing, and validation.
securitytxt.org - Static website for security.txt.
atlas-design - Atlas Design System serves the Microsoft Learn design & engineering teams. We are a CSS-first design system that aspires to beautiful, accessible, themeable, reading-direction-agnostic components.
msquic - Cross-platform, C implementation of the IETF QUIC protocol, exposed to C, C++, C# and Rust.
uprove-javascript-sdk - The U-Prove JavaScript SDK implements the client-side of the U-Prove Cryptographic Specification, and is a companion to the U-Prove C# SDK. It can be used to write web clients interacting with U-Prove services. For more information about the U-Prove technology, please visit http://www.microsoft.com/uprove.
ServiceTalk - A networking framework that evolves with your application
pass-import - A pass extension for importing data from most existing password managers