[IOT] NoPass

An IOT Device that unlocks your password manager

NoPass

What is it?

A key to forget about passwords. Once and for all.

What do we fix?

Remember your passwords? The solutions exists for a long time and in many forms: free and proprietary password managers, one-time passwords, native browser autofills and so on. No, that is not the problem anymore.
Add more security? It is always good to add more security, isn't it? From a safety point of view, that is. But that is not the issue now - what we are fighting for is the simplicity of the authentication.

Who will need this?

People that care about their online safety.
Companies that are looking for centralized corporate solutions to support and simplify the execution of security policies.

How did we do it?

The master password is stored on the Bluetooth Low Energy device. When needed, the application asks the blueetooth device for the password. Then the application generates the password using the LessPass solution for the stateless password management that is generating the password by using a pure function that accepts the master password, website, username and generates the same password for any call with the same parameters.

What did we do?

Desktop application with stateless password management.
Connection between the bluetooth device and desktop application.
Plugin for the Google Chrome with the autofill for login forms and password generation for the registration forms.

What are we planning to do?

Get rid of the desktop application - password generation can be done on the device. That will also rise the security of the solution, as we will not share the master password with anyone.
Extend the support for other platforms: Android, iOS; and browsers.

What's next for NoPass?

Full statelessness - the website address, logins, password profiles and password version numbers have to be stored in the database.
Account unlocking - if the device is lost or broken, having an easy way to reset all the passwords.