We wanted to create something relevant to the security theme and also wanted to dabble in new technologies and frameworks we've never used. We attended the
NodeJS workshop and decided we would use these technologies in our hack since we had little to no experience with them. Due to the obvious time constraints of the hackathon, we kept our idea small and went with a password phrase generator and manager in light of Stony Brook's update on switching to pass phrases for NET IDs instead of passwords.
What does it do?
- Generates unique password phrases (given a keyword and length option) and stores them in a database (MongoDB).
- Calculates the individual and average strength of each password using an algorithm that measures its entropy or randomness.
- Handles logins via Google Passport Authentication so users can see their pass phrases.
How did we built it?
- We used
Express.jsframework along with
mongooseframework to handle the backend.
- We used
Cirrus, a CSS framework to handle the frontend.
- We also used
Google Passportto authenticate the logins.
Challenges we ran into?
- The learning curve for Node was steep so there was definitely some difficulty figuring out what we had to use to call our database "queries".
- MongoDB is not based on a relational type of database which were usually accustomed to so again, there was a learning curve on trying to figure out how to build the schema to match our JSON data structure.
What are the accomplishments that we're proud of?
- Actually finishing a "fully" functional full stack application within a day.
- Overcame the learning curve for frameworks and technologies we have barely/never touched.
What have we learned?
- A bunch of new frameworks and technologies.
- How to not sleep (those caffeine chocolates work wonders).
What's next for Phraze?
- Multiple forms of authentication besides Google.
- Two Way Hashing to provide better security for pass phrases.
- Providing more flexibility in modifying phrases already generated for the user.
- Better User Interface.