gPass Chrome 插件, crx 扩展下载
扩展ID: pdmhjekonpgonlpdpgehaoekfpbmligk
gPass : global password managergPass : global Password for Firefox and Chrome Introduction Everyday we have a lot of passwords to manage corresponding to a lot of accounts we use. It's hard to remain all of these, moreover if we don't use it often. So, what most people do is to generate only a subset of passwords easy to remain. This implies two common errors : * Password are not very strong * We use them for multiple accounts The best way to avoid these errors is to have a unique strong password for each account. gPass helps to reach this goal : you keep a subset of passwords (called masterkey) and for each login/masterkey tuple you chose, gPass returns the real password by querying a password server. To have a high level of security, all information is stored encrypted (server side). Nothing is stored on client. The decryption is done on the fly when it's needed and only with user input. So, a hacker can get your password database, it will not be able to see any information (except if it brute force or leak your masterkey) ! So it's important to choose a strong masterkey ! This addon is like [last pass](https://lastpass.com/) one, but I wanted it to be open source and self hostable (be careful on server down !). Moreover, with gPass, you can have multiple master keys ! Usage The first thing to do is to populate your database (from your/a password server) with website address/login/password/master key values. You can use "*" character to access to all subdomains of a specific website (ie *.google.com). If you want to make a strong password, there is a password generator. After that, configure your addon in "tools -> addons -> gPass -> preferences" in Firefox or "More tools -> extensions -> gPass -> options" in Chrome to point to your password server (+ username). **Don't forget to enable addon within private mode**. Be careful, login and password are case sensitive ! When you're in a login form and you want to use gPass, type your login (case sensitive !) and fill "@@masterkey" in password field (only if gPass icon is green !). Then submit and password will automatically be replaced by the one in the database (after addon decrypt it). **You can also type "@_masterkey" to only replace your password without automatic submit. This allows to support more websites.** Another option is to enter your credentials in the new popup menu by clicking on gPass icon. If it's possible, gPass will auto fill password field, if not result password is stored into your clipboard. **Popup path is a safest method as website page will never see your masterkey.** ** Warning ** : Sometimes, addon could make some websites unusable, especially for login form. In this case, you can deactivate it for only one website by clicking right on gPass icon and "disable or enable gPass for this website". It's a local configuration, so it must be done for each browser. Technical details The two main columns in database are "login" and "password". login is compounded by "domain;login", salted and encrypted with AES 256-CBC The real key that encrypts these fields is PBKDF2 (hmac-sha256, masterkey, password_server_url, 1000, 256), IV is PBKDF2 (hmac-sha256, password_server_url, masterkey, 1000, 256) PBKDF2 level can be changed by user. Server side is written in PHP (with SQLite3 for database component). Server To host a password server, you need a webserver. Just copy server files in a directory read/write for web server user (www-data). A sample apache2 configuration file is available in resources. Since v0.8 and the use of Crypto API, **it's manadatory to have an HTTPS access (valid SSL/TLS certificate) to the server**. Without that, the decryption will fails. Configuration parameters are in conf.php A demonstration server is available [here](https://gpass-demo.soutade.fr). It's the default server configuration for fresh installed addon (user demo). **Warning** The master key derivation is partially based on account URL. So it's linked to your current server information. You can't move databases from servers with different URLs, you need to export them and import it again. **Server side is available [here](http://indefero.soutade.fr/p/gpass/downloads)** Version 0.6 introduces shadow logins. It's a protection again illegal database dump and purge but requires twice computation. Database update is transparent. The principle is to generate a random value (shadow login) that must be encrypted with the masterkey to get an access token. This access token allows to get the true (but encrypted) login/password couple. It's a kind of challenge : if I can encrypt the shadow login, I know the masterkey ! For security reason, the derivation of masterkey for deciphering passwords is different than for encrypting shadow logins (it uses its own salt). It's enabled by default. Client Just install the package. You can have debug information by setting DEBUG in main.js. Command line interface A command line interface is also available with the following usage : Usage: ./gpass_cli [-f config_file] [-p server_port] [-c CA_certificate_path] [-l PBKDF2_level] [-s gpass_server] [-v] -d domain -u username You can save recurrent parameters into a configuration file. Default config file is found at $HOME/.local/share/gpass/gpass.ini The dependencies are libcurl and OpenSSL (-dev packages : ie _libcurl4-openssl-dev_ and _libssl-dev_) A sample configuration file is available _gpass.ini.sample_ License All the code is licensed under GPL v3. Source code is available [here](http://indefero.soutade.fr/p/gpass). Privacy Policy Privacy Policy can be found at http://indefero.soutade.fr/p/gpass/source/tree/master/PrivacyPolicy.md Mailing list You can subscribe to the announce list @ https://pannous.soutade.fr/lists/gpass
名称 | gPass |
插件标识 | pdmhjekonpgonlpdpgehaoekfpbmligk |
平台 | Chrome |
评分 | 0 |
评分人数 | 4 |
插件主页 | |
作者 | soutade |
版本号 | 1.0 |
大小 | 66.75 KB |
官网下载次数 | 212 |
分类 | 查看更多 无障碍辅助 分类下的扩展插件 |
下载地址 | |
更新时间 | 2020-10-15 00:00:00 |
CRX扩展文件安装方法
打开Chrome浏览器的扩展程序: 地址栏直接输入:chrome://extensions/ 即可进入,将右上角的【开发者模式】开启,重启chrome(重要操作),再次打开扩展程序管理界面,把下载的crx直接拖动进去即可完成安装,注意请更新最新版本的chrome.
打开Chrome浏览器的扩展程序: 地址栏直接输入:chrome://extensions/ 即可进入,将右上角的【开发者模式】开启,重启chrome(重要操作),再次打开扩展程序管理界面,把下载的crx直接拖动进去即可完成安装,注意请更新最新版本的chrome.
回复
强烈推荐
相关推荐
大家在找这些插件
- wintoo
- Minecraft themed clothing and apparel
- cornerstone3d使用
- doora
- AB DownloadManager
- Link Gopher
- Link Klipper
- FANZA
- DMM
- youtube - jackpotbetonline.com
- how to create online courses
- video downl
- fukun
- تحميل لعبة sonic exe
- 沉浸式翻译扩展
- youtube - yetundeodugbesan.com
- nodepay
- v1111111111111RGY RTGYR5G5TYE4RRRRRRRRWY5D5 YUUTIIIIIIIIIIIIOHU OIEOOOOOOOOOOOOOOOIK M
- singlepile
- 切图仔
- 切图
- CLO Code: V1
- awe
- gamestorrent
- 爆力猴
- 联想语音-音视频翻译、辅助语言学习
- Gradient
- Gradient Network
- m4a轉mp3 軟體
- 1inch
- Nêu được một số dịch vụ cụ thể mà Điện toán đám mây cung cấp cho người dùng. tin 10
- what to do if your iphone x is not charging
- hackstore2 com
- beni singing technique
- bioom通知插件
- profile mike thiel pirate wiresbeam theatlantic
- 540241802561890129.ofgu0827.xyz
- 177054054323312809.ofre802.xyz
- 逸掌柜
- 855570180747803330.ofd0718.xyz
- hack lượt theo dõi fanpage
- QR-Code Generator
- 安徽继续教育在线
- Trancy 插件
- SIS00
- scottmurphy09.com
- 492497226934578553.ofd0718.xyz
- 3dimmanimati
- 710027843937774487.ofd0126.xyz
- youtube - info-portal5.com
- kack
- kackb
- kackbar
- حصان ينيك طيز بنت ابيض
- yegrreg
- arcsurf
- nonuville.clud
- 2348072469021
- trackers blocker
- trackers
- uipath
- 10x genomics chromium 建库流程
- 无痕加购
- 無蝦米
- screen recorder
- seroto9
- profile mike peter thiel wiresbeam theatlantic
- cvmultimedia conta do cliente
- rytpekep extension
- 雷霆加速器
- reed a text
- webstrorm ai提示插件
- kipflix
- 鼠标 手势
- rosniper extension edge
- epic浏览器的翻墙插件
- ][lk;bkjhjlplk;ojlk
- emanuel chris & endang
- 符之
- pdf 压缩
- gtihub下载
- GitHub File Download
- 道客巴巴免费复制
- hnbbg
- Shopstore
- 倍速、
- which is better email client or mailbird
- FigmaCN
- weboffice
- webooffice
- OKX WALLET
- 789club.it.com
- 18 teen videos free teen amateur nude porn forum
- 京巴士拍单插件下载
- alxmin extension
- www.scottmurphy09.com