portable-secret
CryptoGotchas
portable-secret | CryptoGotchas | |
---|---|---|
11 | 4 | |
1,667 | 308 | |
- | - | |
3.1 | 2.3 | |
8 months ago | 2 months ago | |
HTML | HTML | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
portable-secret
-
Ask HN: Best practices for safeguarding master password in organization?
Something like [0] maybe?
[0]: https://mprimi.github.io/portable-secret/
-
Ask HN: What is the best password manager available today?
I like portable-secret which uses the built-in browser cryptographic functions, no external software.
https://github.com/mprimi/portable-secret
- Password protect a static HTML page
-
Encrypting Data in the Browser Using WebAuthn
My own in-browser encryption project/POC: https://mprimi.github.io/portable-secret/
Discussed here: https://news.ycombinator.com/item?id=34083366
- Ask HN: End-of-life planning while young?
-
Native zip encryption on Fedora
I saw someone recommend Portable Secret recently, albeit I’ve not used it but thought I’d throw it into the mix in case someone else has and can comment.
- Can this be implemented
-
Show HN: I store my critical secrets and document, and communicate privately
Interesting... on 2022-12-13 the bounty has been claimed! Just a few hours after mprime1 shared the project in a comment on HackerNews, someone managed to drain the BTC.
https://github.com/mprimi/portable-secret/commit/3b22d2b42ba...
I'd love to hear more about this.
- PortableSecret: Better privacy with the tools you already have
CryptoGotchas
- Study found that developers (still) have a distinct lack of knowledge in understanding the fundamental concepts of cryptography - call for dedicated studies to investigate the usability of crypto APIs
-
I know the mantra is “don’t roll your own crypto”. What are the common pitfalls that people fall into when making their own cryptography programs? For example, why shouldn’t I use the Chacha program that I just wrote?
I present the list of Crypto Gotchas that I've seen in real world code. All of these mistakes have happily many times and broken systems. (They also generally assume that your underlying cryptography is properly built but you still get things wrong.)
-
How to learn cryptography?
My Crypto Gotchas: Getting Started page is a list of resources designed to get people into cryptography. I hope that it is helpful.
- Advice on self-learning crypto
What are some alternatives?
isomorphic-webcrypto - :game_die: webcrypto library for Node, React Native and IE11+
Top10 - Official OWASP Top 10 Document Repository
horcrux - Split your file into encrypted fragments so that you don't need to remember a passcode
Cryptography-Guidelines - Guidance on implementing cryptography as a developer.
encrypted-html-vault - A utility for creating a secret vault inside an HTML file for maximum portability.
crypto101
PageCrypt - Client-side password-protection for HTML
black - The uncompromising Python code formatter
dom-examples - Code examples that accompany various MDN DOM and Web API documentation pages
sessionKeys - A tool for the deterministic generation of unique user IDs, and NaCl cryptographic keys from a single username and high entropy passphrase.
rainbow-table - simple rainbow-table implementation in node.js
python-fpe - FPE - Format Preserving Encryption with FF3 in Python