extension ExtPose


CRX id


Description from extension meta

Generate different passwords from single master password using cryptographically strong method (PBKDF2 with SHA-256).

Image from store CryptoPass
Description from store IMPORTANT: Please understand the risks of password generators: https://crypto.stackexchange.com/a/5691/291 Create strong passwords for different websites (or anything else) using a single secret key. If you lose your password for a website, you can regenerate it if you remember your secret key, username, and address of the web site. There's no need to remember or store multiple passwords if you can derive them from your master key. How to use ---------------- 1. Make up a secret master key (at least 16 characters for better security) and remember it. Keep it secret! You will use it every time you need to generate a password. 2. Click on the extension icon. 3. Enter your username for the website. It can be anything, you just need to remember it. 4. Enter URL of the website (it is prefilled). 5. Click a button: "Show" to generate and show password, or "Fill" to generate password and try to fill form on the current webpage with username and password (pressing Enter does "Fill"). Examples -------------- For example, your secret key is: "my super secret" (do not actually use this, think of something better and longer) Username: tester URL: google.com Your generated password will be: Juq5MzGrXU7zivT13MHdpXGzq Use it for your account. Username: somebody_else URL: twitter.com Generated password: ydPFMc7isTa1mBlFOFiYSmjXV Every time you enter "my super secret" plus "somebody_else" as username and "twitter.com" as URL, you will get exactly the same generated password as above. Algorithm -------------- password = base64(pbkdf2(secret, [email protected])) PBKDF2 uses SHA-256 and 5000 iterations. Cuts password to specified length (25 by default). Source code: https://github.com/dchest/cryptopass/ This extension doesn't use any web services, everything is done on your computer. Warning for reasonably paranoid: there is a security risk in how Chrome handles autoupdates of extensions: if somebody gains access to Google servers or my developer account, they could put backdoor in this extension and re-upload it. You would get this modified version, and Chrome would not notify you. If you want to avoid this risk, use the source code linked above to install the extension on your own. --- Unofficial Android versions (the author of this extension is not responsible for these apps): CryptoPass: https://play.google.com/store/apps/details?id=krasilnikov.alexey.cryptopass Simple CryptoPass: https://play.google.com/store/apps/details?id=no.haitech.simplecryptopass

Latest reviews

  • (2021-11-14) Jayla 27: It was fake i typed in my username and it gave me a huge password that was dumb not what i expected
  • (2016-07-07) rene ramon robles ruiz: es muy util para evitar el acceso a passwords de cuentas importantes; ademas de que es compatible con android
  • (2012-06-19) boaz vishkel: Не буду объяснять как работает, объясню не очевидное: как сделать новый пароль для того же сайта? Взять старый пароль и использовать его в поле username или secret. Можно генерировать secret с длиной 16+ как предлагает хелп, а результатом уже делать пароль. Море вариантов!
  • (2012-06-16) Thomas Morris: Would be good if you could specify how many rounds are used.

Latest issues

  • (2017-11-30, v:1.12) Keyboard shortcut
    It would be great to have a keyboard shortcut to open this extension, so that I don't have to move my hand to the mouse whenever I log into something :-) Thanks!


349 history
4.7 (30 votes)
Last update / version
2019-07-23 / 1.12
Listing languages