fantompass is a simple, human-readable, persistent password generator that can generate the same password for a given website and account over and over again without actually storing any passwords on a user's machine!
python fantompass.py
fantompass will ask you for your master password, the hostname or website name, the account that is or will be registered on that hostname, and an optional modifier. The modifier is useful in several cases, for example if you want to create several different passwords for the same hostname:login pair. After you fill in all the fields, fantompass will generate the human-readable password and, by default, show it on screen.
The -c or --clipboard command-line option will force fantompass to copy the password directly to your clipboard instead of showing it on screen. Note that you may have to install the xclip or xsel package in order to get clipboard functionality working.
Let's see how we can generate a persistent password for a given pair of login credentials: website and login.
One way we can do this is by simply concatenating the website and login and taking a hash of those, let's say a sha256 hash:
>>> from hashlib import sha256
>>> hostname = 'website'
>>> login = 'login'
>>> password = sha256((hostname + login).encode('utf-8')).hexdigest()
>>> print(password)
e8e0953d0fca61603e5dd3b9f96f2b12cd88cd89e7bae75f52dea69f347dc01e
This doesn't look human-readable, does it? It's also horribly insecure - anyone who knows your login and the target website address can easily generate your password. The latter problem can be solved by using a master password. The combination of master password, hostname and login creates a unique hash, which can't be re-generated by an attacker as long as they don't know the master password:
>>> from hashlib import sha256
>>> from getpass import getpass
>>> master_password = getpass('Enter your master password (no characters will be shown): ')
Enter your master password (no characters will be shown):
>>> hostname = 'website'
>>> login = 'login'
>>> password = sha256((master_password + hostname + login).encode('utf-8')).hexdigest()
>>> print(password)
68d62c85dc2d3ab092252efed524d441523dab24a2ca7f199adbe7a0d4c07ca2
Still, this password doesn't look human-readable. fantompass addresses this problem by converting the hash into a "phrase" constructed from a few words from a dictionary of the 60k+ most common English words, resulting in passwords like this one:
Begleitete-Folles-Blaise-Orig-Genoese-Juengling
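The hash-to-phrase step described above, as an added example; this is not fantompass's own code. It assumes a hardened derivation: PBKDF2 in place of a single sha256 pass, and length-prefixed fields so that the concatenation is unambiguous. The word list, function names and sample inputs are constructed for illustration.

```python
import hashlib
import math

# Constructed 16-word list for illustration only; the page describes a
# dictionary of 60k+ words.
WORDS = ["amber", "birch", "cedar", "delta", "ember", "flint", "grove", "haze",
         "iris", "jade", "kelp", "lotus", "maple", "nectar", "onyx", "pearl"]

def _field(value):
    """Length-prefix a field so ('ab', 'c') and ('a', 'bc') encode differently."""
    raw = value.encode("utf-8")
    return len(raw).to_bytes(4, "big") + raw

def derive_phrase(master, hostname, login, modifier="", n_words=6,
                  wordlist=WORDS, iterations=200_000):
    """Derive the same phrase every time from the same four inputs."""
    # Assumption: PBKDF2 instead of one SHA-256 pass, so each guess at the
    # master password costs an attacker `iterations` hash computations.
    salt = _field(hostname) + _field(login) + _field(modifier)
    key = hashlib.pbkdf2_hmac("sha256", master.encode("utf-8"), salt,
                              iterations, dklen=32)
    # Treat the 256-bit key as one integer and peel off base-N digits,
    # each digit selecting one word.
    number = int.from_bytes(key, "big")
    words = []
    for _ in range(n_words):
        number, index = divmod(number, len(wordlist))
        words.append(wordlist[index].capitalize())
    return "-".join(words)

def phrase_entropy_bits(n_words, wordlist_size):
    """Upper bound on phrase entropy: n_words * log2(wordlist_size)."""
    return n_words * math.log2(wordlist_size)

if __name__ == "__main__":
    # Constructed sample inputs.
    print(derive_phrase("correct horse", "example.org", "alice"))
    print(derive_phrase("correct horse", "example.org", "alice", modifier="2"))
    print(round(phrase_entropy_bits(6, 60_000), 1), "bits with 60k words")
```

The phrase is only as strong as the master password: anyone who guesses it can regenerate every phrase derived from it.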