Jump to content

PassSecure


JSunn
 Share

Recommended Posts

PassSecure 1.5.0.23

PassSecure is a program built for secure password storage. I leverages the power of SkinnyWhiteGuys CryptoSuite AES algorithm and AutoDaves excellent KeeForm program for automatic password entry. PassSecure has the following features:

Features:

  • Secure account storage using secure AES encryption
  • Automatic login and username / password entry on webpages
  • Antitamper mechanism to prevent others from tampering with your password file.
  • Automatic program lock after a user definable period
  • Minimize to tray
  • Import / Export of account data to CSV.
  • Multi-user program with distinct program settings for each user.
Included in the zip file is:
  • PassSecure source.
  • a CSV template for importing your accounts into PassSecure.
  • Keeform source.
  • trayicon file
Screenshots:

Main Interface

Posted Image

New Account Interface

Posted Image

____________________________________

Changes added in 1.5.0.23 since last release:

Bug fixes

*v3.2.10.0 Compatibility fixes for GuiList control - Fixed by gesller THANKS!!

____________________________________

New features added in 1.5.0.19 since last release:

*Added Background Start with Windows feature

Bug Fixes

*Fixed website auto-logon bug

*Fixed Import / Export bug (improper column assignment on Import)

*Fixed Edit account interface where Internet options were enabled on a non Internet account.

*Added GUI input field cleanup where needed.

____________________________________

Instructions:

To run PassSecure extract the files into the same folder and run the exe file (or compile it yourself)

Keeform.exe MUST be in the same directory as PassSecure.exe.

IMPORTANT:

It is strongly suggested to change the encryption keys before using.

As far as the code itself goes you are free to modify it to your hearts content, HOWEVER - please include credit to the original author (ME!) in any derivative works you post / compile, and please post the source to your modified code so others can learn. I welcome your questions, comments, and suggestions!

Thanks!

-John

PassSecure1_5_0_23.zip

Edited by JSunn
Link to comment
Share on other sites

Nice!! That is very well put together.. :) Any new features planned to be added?

Thanks for the input and the compliment - its appreciated! As far as new features - I was hoping for suggestions. But I've been thinking of a few things in order of preference:

  • Update it to Rijndael encryption using the latest CryptoSuite update from SkinnyWhiteGuy.
  • Currently Obfuscation is failing during compile due to string length limitations in the obfuscation code. I think the Rijndael update may have found a way around this problem so the code can be obfuscated during compile once the crypto stuff gets updated.
  • Add a "Startup when Windows starts" tick box in the settings dialog. (It already has the ability to run in "background" startup mode, so this should be pretty trivial to implement)
  • Add a password generator function to the new account creation / edit account interfaces.
  • Maybe update the main gui interface to something more aesthetically pleasing? Suggestions?
  • Allow the user to generate their own keyfile for two factor authentication.
  • Create documentation for a help file.
and finally, hopefully I can get a bunch of suggestions here on the forums (if there is enough interest) to improve it based on your feedback.

Thanks!

-John

Link to comment
Share on other sites

Sounds like you have some great ideas already. I see one little bug in the view gui after setting a URL and ticking use autologin if you doubleclick the record it errors out for me I get this error only when the use "Enable Autologin for this site is checked.

That one really big thing I can think of off hand is using the clear input fields scrip posted the other day. I was going to post you a link and I can't find it now. It will as described clear your text in an input field when a user types. Looks very professional.

Link to comment
Share on other sites

  • Moderators

Sounds like you have some great ideas already. I see one little bug in the view gui after setting a URL and ticking use autologin if you doubleclick the record it errors out for me I get this error only when the use "Enable Autologin for this site is checked.

That one really big thing I can think of off hand is using the clear input fields scrip posted the other day. I was going to post you a link and I can't find it now. It will as described clear your text in an input field when a user types. Looks very professional.

Since the Run() function doesn't have an actual path to the keyform.exe, is it in the same directory as the PassSecure.au3?

Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Link to comment
Share on other sites

Just a suggestion: In the New account screenshot; Where the password fields are (And I'm guessing your using an input) put:

CODE

$ES_PASSWORD

This into one of the styles in both password inputs.

That will make sure it will display * each time you enter a character.

Edited by JustinReno
Link to comment
Share on other sites

Hi - Thanks for all the feedback so far. I forgot to add that keeform.exe must reside in the same directory as PassSecure.exe in order for automatic form fill to work properly. As far as the password input fields go, I was struggling with whether to obscure them as password fields or not. But I think you have a good point with your suggestion to add the $ES_PASSWORD property so it will be implemented. Thanks again you guys for the comments, they help!

As far as the comment goes:

you safe it maby high encrypted. But we can read you source and its not a hash or something. So its always reversable.

Same safety as base64 or shit -.-

Edit: but nice looking gui

Jaenster,

Perhaps you should look at the source a bit more - and think about how encryption works versus hashing functions. Passwords alone are fine for one way, non-reversible hashing functions, just because once the hash is created it gets compared to another stored hash thereby only producing a match or a non-match (True or False) Encryption, on the other hand essentially is the mathematic obfuscation of data using a key string. Only with the key string can the data be decrypted. TWO completely different methodologies. One returns true or false, the other returns more data than you entered for authentication (IE more than just the keys string / hash)

I saw you were first just going to bash it and leave probably without even looking at the source. Then you decided to edit and add a nice comment about the gui. Do us a favor and try to understand what you are talking about before posting negative comments about somebody else's code. FYI Encryption is ALWAYS reversible and is commonly used for these types of programs. Hash functions on the other hand are more common for username / password authentication only.

Thanks everyone else for the positive comments and suggestions. I've been trying to learn more about the GUI functions in autoit and these forums have been an excellent resource. Thanks for taking the time to look and send feedback, again it couldn't have happened without AutoDave's keeform and SkinnywhiteGuy's CryptoSuite. Credit goes to them.

-John

Link to comment
Share on other sites

Just a suggestion: In the New account screenshot; Where the password fields are (And I'm guessing your using an input) put:

CODE

$ES_PASSWORD

This into one of the styles in both password inputs.

That will make sure it will display * each time you enter a character.

Thanks Justin - I added the $ES_PASSWORD style to both the edit and new account forms.

Regards,

-John

Link to comment
Share on other sites

  • 1 month later...

Okay I've gotten around to fixing most of the interface bugs (not all) in the latest (1.5.0.22) version but I didn't have much time to implement some of the features I wanted to. - Just the "Run at Windows startup" feature. Have a look if you get a chance, I'd appreciate the feedback!

-John

Link to comment
Share on other sites

  • 1 month later...

I downloaded this script to have a look-see, but it wouldn't run under the version of AutoIt I'm running - v3.2.10.0.

I'm still new at this language, but I tried to fix incompatibilities as follows:

1) Changed #Include <GuiList.au3> to #Include <GuiListBox.au3>

2) Changed #Include <GuiCombo.au3> to #Include <GuiComboBox.au3>

3) Commented out the line "Global Const $WM_NOTIFY = 0x004E" as it gave the error: ERROR: $WM_NOTIFY previously declared as a 'Const'

4) Replaced all on "_GUICtrlListView" to "_GUICtrlListView_"

This allowed me to run the script, but it's not right. For example, I can create a profile, and add records, but selecting an entry in the tableview or double clicking an entry causes an empty edit form to show. And trying to delete an entry somehow duplicated the entry I was trying to delete.

Is there an updated version for the new release of AutoIt? Or is it just a simple fix to correct the posted version? Or did I just do something stupid and can't see it?

Thanks!

Edited by JBJB
Link to comment
Share on other sites

I downloaded this script to have a look-see, but it wouldn't run under the version of AutoIt I'm running - v3.2.10.0.

I'm still new at this language, but I tried to fix incompatibilities as follows:

1) Changed #Include <GuiList.au3> to #Include <GuiListBox.au3>

2) Changed #Include <GuiCombo.au3> to #Include <GuiComboBox.au3>

3) Commented out the line "Global Const $WM_NOTIFY = 0x004E" as it gave the error: ERROR: $WM_NOTIFY previously declared as a 'Const'

4) Replaced all on "_GUICtrlListView" to "_GUICtrlListView_"

This allowed me to run the script, but it's not right. For example, I can create a profile, and add records, but selecting an entry in the tableview or double clicking an entry causes an empty edit form to show. And trying to delete an entry somehow duplicated the entry I was trying to delete.

Is there an updated version for the new release of AutoIt? Or is it just a simple fix to correct the posted version? Or did I just do something stupid and can't see it?

Thanks!

Thanks for pointing out the problems. Its been a while since I've looked at the code, and I definitely haven't tried it on the latest version of AI. Let me have a look.

Thanks,

John

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...