Never Forget

Inspiration

I tend to use one base password and then permutations of that for many sites that I register for. This isn't the most secure and with so many companies being exploited, I decided I wanted to be a bit more secure with my passwords. I didn't want to worry about remembering complicated passwords or having to keep a flash drive with all of them and so I came up with this.

What it does

This project hosts a single web server. That server is a proxy of sorts to "http://www.google.com". As you log in to your Google account, instead of using your actual password, you just type "password". The server takes over from here and automatically fills in your password for you.

How I built it

I built it using C#'s HttpListener to handle HTTP requests to my server. The server takes the request and sends it out to Google. The response is a web page. That web page is automatically edited to work with the proxy and then sent over to the client. When you submit the form for logging in to your Google account, the server captures the form inputs and edits the password box to reflect your actual password. This updated form is then sent to Google for authentication and the proxy continues to handle the client from there.

Challenges I ran into

Web pages tend to be built around the fact that they are operating within the browser that the user is viewing them on. In order to edit data coming from the user, I had to break this convention and work around the implementation details that it entails. For example, cookies had to be continues between the server's requests to google and the users requests to the server. Headers for the requests to Google had to reflect an actual browser. And links had to be redirected to special paths that could be handled by the proxy server.

Accomplishments that I'm proud of

There is a lot of conservation of data in this project and that has been a struggle for me in the past. There are also intuitive algorithms for patching the link system and cookie system.