Password manager PasswordHub — RedCoolMedia

PasswordHub is a Password Manager for generating, sharing, editing, and categorizing passwords in your personal cloud. It provides both client side and server side encryption (using combined EtM [Encrypt-then-MAC] and MCRYPT_BLOWFISH encryption with user-specific and database entry-specific data), where only the user who creates the password is able to decrypt and view it. So passwords are stored heavily encrypted into our cloud database.

Main Features

- Compatible with KeePass, 1Password, LastPass, SplashID or every other source, as long as passwords are exported as CSV.
- Generated passwords are in fact pseudo-generated because only the Javascript Math.random-function is used. After generation of different types of characters scrambling of these characters is done using the Fisher-Yates shuffle.
- Provides both server-side encryption (since encryption takes place on the server, before the data is placed in the database table) and client-side encryption (since encryption is performed with a key that is not known to the server). All passwords are stored into our own using encryption done using a key built from user-specific and database entry-specific data so it is unique for every encrypted block of text.
- It uses Encrypt-then-MAC (EtM), which is a very good method for ensuring the authenticity of the encrypted data.
- It uses mcrypt to perform the encryption using MCRYPT_BLOWFISH ciphers and MCRYPT_MODE_CBC for the mode.
- Passwords can be decrypted only by the user who created the password. Other users or administrators are never able to decrypt passwords, since they cannot login as the user (assuming the user's password isn't known).
- Ad hoc share key is created everytime a share is initiated. This is a 256-bit strong hash, with no retrievable information. The share key is stored encrypted as above for the user who shares a password and copied to another table where this key matches the password ID.