Seed phrase passwords (and username) generation #1784
trymeouteh
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
There is 2/3 parts to this...
Generate password (and even usernames) from seed phrase
You can click the Dice button to generate a password or passphrase which is great! I would like to suggest adding a third option which is generating a password from a seed phrase. You can either generate 12 or 24 words or paste some words into the seed input and set an optional passphrase and it will generate a password. You can choose which password to generate with a index starting at 0 to infinity!
Here are the fields for the seed password generator
The generated password would be the generated the private key and the username would be the first private public key. For accounts that require a username for signup, a user could use the seed phrase to generate a unique username as well and the username will be the public key. However, the username will always be the 0 index public key, even if the current password (private key) being used is using index 3 for example. To demonstrate this, use the bip39 demo page and set the BIP39 Mnemonic to
change festival maid lift match inform idle joke wash grain juice beyondand scroll down to view the Derived Addresses and think of the username that will be generated to be1EvnaZnkH5iWkbaGzxX924sc7HvZBxEHx8and the generated passwords being these passwords...Save password from seed phrase
The usecase here for using a seed phrase to generate a password for your account is to allow a user to essentially only need to remember a 12/24 seed phrase (and passphrase if a passphrase is used) and if they lose their keepass database, they can still recover their passwords using the seed phrase.
This feature will be the same as the feature above but to generate a password from a seed phrase and save it in an entry into the database.
A few more fields should be added alongside the password field in a key entry which will all be optional
If a user does not wish to store the seed phrase inside the entry, they can store the rest of the input (name, passphrase, index) to know how to regenerate the password. Or the user can simply only store the seed phrase and password in the entry.
With this method a user who remembers their seed phrase (and passphrase if a passphrase is used) can easily recover the password. If the password is not generated by index 0, try index 1, 2 , 3, etc. If a user changes their password often such as monthly, they can generate their password using the index as year and month (202401, 202402, 202403, ..., 202411, 202412, 202501)
And a username can be generated from the public key as described above.
Trezor Integration
The third feature that could go with this is integrating Trezor devices to generate password to store inside of entries. The benefits of using a Trezor is that the seed phrase is never typed into the device at all, the seed phrase is only entered into the Trezor wallet which is a secure device to store the most essential piece, the seed phrase.
And a username can be generated from the public key as described above.
This may sound redundant since the password generated is still being stored in entry in the Keepass database and is copied and pasted when logging into your online account. And this is true, however if a password is comprimised, a user can still keep their seed phrase and generate a new password and continue on.
Integrating the Trezor device could perhaps introduce an option to only store a password name (recommended), passphrase (optional) and index (optional) entry and KeepassXC could always generate the password on the fly if the user plugins in their Trezor and generate the password using the password name, passphrase and index fields to get the password.
Conclusion
This will be useful for those who are password savvy!
bip39 Key Generator Demo
https://iancoleman.io/bip39/
Beta Was this translation helpful? Give feedback.
All reactions