PSWD

About PSWD Android App

PSWD is a pseudo-random password generator that creates seemingly random site-specific passwords composed of uppercase and lowercase letters, numbers and (optionally) symbols. However, when given the same set of input information, the same final password is generated. This means your passwords don't need to be stored anywhere - when needed again they can simply be regenerated.


At a minimum: a username, master password and site domain are required to generate a site-specific password (this generates a different password for each website or service). Optional parameters include final password length, the inclusion of uppercase letters, the inclusion of symbols, the symbol characters to choose from, and the number of SHA-256 hashes used to create the final password.


The password generating algorithm uses two steps of cryptographic SHA-256 hashes:

1) The first step hashes the username and master password to create a user token, which is then cached locally. This step is designed to take a significant amount of time (a couple of minutes) to thwart any attempts of brute forcing your master password form a stolen site password.

2) The second step hashes the cached user token, master password and domain (this step takes a much shorter amount of time). The hash result is then formatted to meet the final password parameters.


------

For details about the password generating algorithm, different implementations of the algorithm (including a python script), and to view the source code: visit https://github.com/dwaring87/pswd