Skip to content

Passgen
Compare
Choose a tag to compare
@therealOri therealOri released this 20 Jan 21:38
· 368 commits to main since this release
v1.0.0
1b03f79
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

A new passgen version has now been released!

(First time testing out this feature, sorry if things are missing or wrong).




Fixed:

  • A critically bad flaw with how things were being encrypted and stored.


About:

  • Before the update, when a password was being encrypted, it'd use whatever the IV was in the .ecr.bin file that'd be generated...however, when you added another password to the database, it'd overwrite the iv already being stored in the .ecr.bin file, thus borking the rest of your passwords and they won't ever be decrypted.


Changed:

  • The IV for the password is now stored in the db with the appropriate password. This should fix the issue of password IVs being overwritten. I am still going to try and work on this new method of storing the IV more secure than just base64 encoding the thing. (Help with this would be appreciated.)

Assets 4
Loading