Slacker News
Show HN: My password manager because I trust no one (including you) (github.com)
344 points by zero_trust_zach 6 hours ago | 6 comments

I didn't trust any existing password manager so I wrote my own. It's 300 lines of Python, stores secrets in a GPG-encrypted file, and has no sync, no backups, and no recovery. If you lose the key, the passwords are gone forever. This is a feature.

The first rule of crypto is: don't roll your own crypto.
zero_trust_zach 6 hours ago | 77 points
I didn't roll my own crypto, I rolled my own everything-around-the-crypto, which is where all the real bugs are, so actually it's worse, but it's MINE.
audited_dev 5 hours ago | 110 points
Has anyone audited the 300 lines?
zero_trust_zach 5 hours ago | 126 points
No, because to audit it you'd have to read it, and to read it you'd need access, and I trust no one, including auditors, especially auditors. The code is air-gapped on a laptop with the Wi-Fi card physically removed. The only person who can audit it is me, and I'm biased, and I trust no one, including me. So it's unaudited and that's the most honest state for software to be in.
lost_my_keys 4 hours ago | 146 points
What happens when you die and your family needs your accounts?
zero_trust_zach 4 hours ago | 8 points
Perfect forward secrecy extended to the afterlife. My estate is also zero-knowledge. My heirs inherit a GPG blob and a sense of mystery. It's the most private thing I'll ever do, second only to the funeral, which will have no guests, by design, like my software.
