Stop storing passwords Start using a simple mnemonic |
passamaru - password manager
01. Main idea of passamaru
Passamaru is based on a fundamentally different concept, which sounds like: "Stop storing passwords." If you do not store passwords, then hacking the program and selecting keys loses all meaning. And this can be achieved thanks to mnemonics.
You are offered several options at once:
- Do not store passwords at all
The most important passwords may not be stored anywhere at all. You don't even need to create entries in the program's library and you don't need to memorize them. Only you and no one else will know about the existence of these passwords. Such passwords are created using the mnemonic technique and only at the moment when they are needed. At the same time, the complexity and length of the password can be absolutely any. For understanding, just imagine a password of unlimited length, which is not stored anywhere, but which you can recover on any device with just one click. - Store only technical data
In most cases, only auxiliary information can be stored instead of real passwords. For example: login, site address, entry editing date, or just a few completely random characters. For outsiders, such information will be useless, and you can use it to recover your real password. - Store passwords with dynamic protection
If it is more convenient for you to store passwords, then in this case passamaru will use two encryption algorithms at once with two independent keys. But even if an outsider gains access to the library, he will encounter dynamic protection, which replaces the real password with a random set of characters. The thing is that, unlike classic password managers, passamaru never stores real passwords, even if you think you have saved them. It sounds strange, but this is possible due to the fact that passamaru uses a fundamentally different concept of work.
02. Main advantage
Thanks to the use of mnemonics and completely offline operation, the security of passamaru reaches a whole new level, unattainable in classic password managers. Hacking a program that doesn't store passwords makes no sense. The only way to steal a password is to intercept it with third party hardware or software. Therefore, it is recommended to use passamaru only on trusted devices.
03. Main disadvantage
Passamaru is more complicated than classic password managers and requires some time to understand and create your own behavior algorithm. Because of this, some users uninstall the app without even reading the instructions. In fact, passamaru is designed in such a way that you create the level of complexity that suits you. The app doesn't force you to do anything you don't want to do. All you need is to understand the general principle of operation. Just start reading the instructions and see typical examples. If you have never worked with mnemonics before and it is difficult for you to come up with your own mnemonic rule, then just start storing passwords in passamaru, as in classic password managers. Over time, you will get comfortable and will be able to gradually move to the use of mnemonics.
04. Capabilities and features
- An unprecedented level of security when using mnemonics, unattainable in classic password managers
- Creation and storage of classic passwords of any complexity
- Creation of mnemonic passwords of any complexity without the need for storage
- Ability to combine classic and mnemonic passwords with only part of the password stored
- Storage of bank card data
- Storage of text records
- Simultaneous use of two encryption algorithms at once (AES-256 and cryptamaru) with two independent keys
- Additional third encryption algorithm with random character substitution for the "Cards" and "Storage" sections
- Ability to use a separate encryption key for each entry in the "Cards" and "Storage" sections
- Dynamic encryption keys for each entry at the software level
- You can remember and recover a password of any complexity, knowing only one initial character
- Several operating modes designed for users with different requirements and tasks
- Lack of network access at the operating system level to exclude surveillance of users
- Manual synchronization between devices and creation of a backup archive under the full control of the user
- Two-level mechanism for protecting mnemonic passwords from random coincidence for different users
- The user can independently determine the degree of data protection and the level of complexity
- For particularly sensitive passwords, you can leave no records and thus leave no digital footprint.
- In certain circumstances, the program can be used without creating any entries in the "Passwords" library
- The mnemonic master-password does not need to be stored somewhere and is easier to use with frequent authorization
05. Classics and mnemonics
- Classic passwords
Difficult to remember, so they need to be stored somewhere. Usually, password managers or a piece of paper are used for this. - Mnemonic passwords
It is easy to remember and can be quickly retrieved from memory by following a series of simple steps. There is no need to store them, which significantly increases safety.
06. Mnemonic is very simple
- Start value (base)
Absolutely anything can be used as the basis of a mnemonic password: website or email address, username, pet name, e-wallet number, song title, device serial number, color, date, and generally any word, phrase, or even just one letter or number. That is what you can easily remember. At the same time, the basis of the mnemonic password does not have to be hidden, it can be stored in the clear and in a conspicuous place. - Sequence of actions
For example: double click on the green button, then once on the red button, move the cursor to position 5 and click on the table cell with index 36.
Before you start working with the program, you need to create and remember one common sequence of actions that will be used for all your passwords. You determine the complexity of the sequence yourself. But remember that it will not be possible to change it in the future. Only the starting value will change.
07. Try to remember the password: 5.L!}ByZ3R"bKV{'B9E_"tant]zNce,-
You don't really need to remember anything. This password is created using mnemonics in just one click. Yes, it only took one push of one button. Since this is a mnemonic password, you can repeat the same action on any other device and get the same result. At the same time, the created password is not stored anywhere, it is created each time according to a complex algorithm in response to your actions. This needs to be said again. The password in this example is not just a random set of characters. This is a mnemonic password. It can be repeated at any time and on any other device by pressing the same button in the same way. You do not need to remember or write down every character of this password, you only need to remember one button.
08. Protection against random matches
The protection mechanism that uses two parameters at once is responsible for creating unique passwords for different users in the program: pin-code and master-key. For security reasons, it is recommended to use both of these options. In this case, no one can accidentally repeat your password, even if it is created in one click, as in the example above. But if security is not important to you, then it is enough to use only a pin-code or even an empty pin-code and an empty master-key. The program does not impose any actions on you and provides complete freedom of choice.
09. Possibly the most secure password manager
If you use mnemonics, then the passwords are not stored anywhere and hacking the program loses all meaning. But even if you store passwords, then two algorithms are used at once to encrypt them: AES-256 and cryptamaru. And in order to gain access to encrypted data, you need to pick up not one, but two independent keys at once, as well as bypass dynamic protection for each entry. But this will not be enough, since passamaru does not store passwords.
10. Passamaru never stores passwords
If we talk about classic passwords, then any password is a regular text string. Even if password managers store them in encrypted form, they still contain real characters.
In passamaru, everything is arranged differently. Each character of the password is replaced with a cell index from the mnemonic table. In turn, the contents of the cells depend on the pin-code. Without the correct pin-code, you will get just a random set of characters.
If you use mnemonic passwords, then an attempt to crack the program and select a pin-code lose all meaning, since in this case the program does not even store indexes.
11. Don't leave a digital footprint
One of the advantages of mnemonics is that it allows you to hide the existence of an account and its password. Just don't create an entry in the program's library. In this case, if an outsider gains access to your program, he will not see entries that are not there. At the same time, using mnemonics, you can easily recover your password at any time and on any device.
12. Multilevel protection system
- Pin-code
Generates a unique mnemonic table, manages the program algorithms and partially encrypts data. - Master-key
Together with the pin-code, it creates unique passwords for the current user. - Sequence of actions
Generates unique passwords based on user actions. - Master-password
Together with a pin-code, it encrypts data and closes access to sections of the program.
13. Additional encryption key for the paranoid
In the "Cards" and "Storage" sections of the program, an additional encryption key can be used for each entry. This key is used to encrypt bank card data and user text using an obfuscated algorithm with random character replacement.
There is only one limitation, the algorithm works for languages: english (EN), russian (РУ). Over time, new languages will be supported.
14. Auto mode makes the job easier
The program has the ability to switch to automatic mode. In this case, for each of your actions, the program will create complex mnemonic passwords of the specified length. Click on any cell of the table or enter the site address and you will immediately get the result that does not require additional actions.
15. Record a macro from your actions
A mnemonic involves performing a series of actions to recover a password. On the one hand, these actions are one of the elements of protection, on the other hand, it can be difficult to repeat the same actions every time. In this case, the sequence of actions can be recorded as a macro and performed by pressing a single button. This is very convenient, but less secure.
16. You are not limited in anything
Passamaru is designed in such a way that it does not force the user to do what he does not want to do. You decide how to use the program, store passwords or not, use a pin-code or not, whether you need a master-password or not. You can just use only one "Key" page without storing anything in the library and without configuring anything. The choice is yours.
17. No tracking
Passamaru is focused on maximum security and does not spy on users. Moreover, the program does not have permissions to access the Internet, which means that the application cannot send any data to the developer or third parties. For this reason, synchronization between devices is possible only in manual mode by the user himself.
passamaru@gmail.com
The project is created and supported by amaru: 2020 -2024
passamaru
Password manager