Jump to content
spudw2k

PassGen - Yet another one

Recommended Posts

Posted (edited)

So, for a long time we've (my work) been using a very poor practice when sharing encrypted email attachments. (step 1, send an email with an encrypted zip; step 2, send the password in a separate email).

In order to make exchanging encrypted attachments more secure, I put this tool together.  It generates a Password based on a (pre-shared) Key (shared manually via a secure channel), and a Passphrase.  The Passphrase is sent along with the encrypted zip and the tool uses the Key & Passphrase to re-generate the password used to encrypt / decrypt the zip.  

The password is generated by calculating a hash based on the Key and Passphrase, then coverts the first 20 bytes of the produced hash into a human-friendly password.

It also uses the CryptProtectData and Unprotect functions put together by funkey to save the Key (per user) in the registry.

image.png.27b964a4ce57e7a9f41eea507c038cd4.png

Source available here:
https://github.com/spudw/PassGen_AutoIt

Edited by spudw2k

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...