Password Tracker
Password Tracker is an application to keep your passwords in an encrypted file on disk, protected by a pass phrase so that they are safe. Even if the file containing your passwords falls in the wrong hands, the pass phrase is needed to decrypt it.
The application uses the unpatented Blowfish encryption algorithm which was invented by Bruce Schneier. The encryption is reasonably safe. The application is based on the Password Safe application from Bruce Schneier, it aims to be compatible with it.
History and Goal
I started using the original Password Safe application from Bruce Schneier, which was a native windows application, and I still find it very useful. I try to maintain a number of different computers running different OS’s. On Linux I am using WINE to run password safe. I didn’t want to be “locked in” in an old format that I didn’t understand, I was afraid my data would get lost at some point. Therefore, I wanted to be able to decode the file format myself to be able to recover my data if this would be necessary. Some things were bothering me a little bit regarding the application.
- No easy buttons to copy uid/pwd (both, not only the password).
- Cross platform – no dependency on WINE – PC, Linux, OSX.
- New password safe format 2.0.
- Import/export to plain text to prevent lock-in.
- Changing the password generating stuff, sometimes I need longer/shorter passwords with other requirements.
The current Password Safe project hosts a Java version as well but I decided not to investigate this solution further. I noticed that there has been progress on the Java version since I started my own implementation, but I did not investigate it further. These remarks are probably not valid anymore at this point in time.
- Code not clear and clean.
- Dependency on external libs.
So I decided to rewrite the complete application from scratch without reusing code. Simple to install, clean lean interface, a handy polished tool.
Credits
Idea of the application comes from the Password Safe application. This was first written by Bruce Schneier, and than transferred to the open source community. It is now available at: http://passwordsafe.sourceforge.net. The Password Safe project was important to know the file format, especially the header format which is not trivial.
I found some more information about the file format in another open source project which is also based on the Password Safe application. It is the Password Safe password database application which can be found at: http://nsd.dyndns.org/pwsafe.
Password generator:
- The classification system (11 categories) comes from a script written by David Finch. The generator algorithm does not, I wrote this myself.
Encryption:
- Written from scratch based on the example provided by Bruce Schneier in the book: ‘Applied Cryptography , Second Edition’, John Wiley & Sons, 1996, ISBN 0-471-11709-9.
Libraries:
- The prepackaged version uses the JGoodies Looks look and feel. You can find more information on the JGoodies website: http://www.jgoodies.com.
Project Links
- PATRA in SourceForge. This is the PATRA project page at SourceForge.
- Downloadable Files in SourceForge. These contain binary downloads as well as source downloads.
- Browse the subversion repository.