Sesame

Chrome password manager
Fingerprint authentication
Register screen
Pin entry

Inspiration

Currently, 2-step verification leaves much to be desired and is not nearly ubiquitous enough. We always have our phones at arms length, so why not use them to identify ourselves online?

What it does

Sesame allows users to securely store email/username and password combinations in the cloud. Upon visiting a site, the chrome extension sends an authentication request to the mobile device, where a fingerprint is enough to complete the sign in.

How we built it

Mobile application

Built in javascript using Cordova
Cross-platform
Uses socket.io to communicate with the server

Chrome extension

Fully-featured password manager
Also written in JS

Web server backend

NodeJS environment
CouchDB storage

Challenges we ran into

Sleep
Creating a system where API calls are authenticated before they are resolved

Accomplishments that we're proud of

Finishing
iOS keychain storage & fingerprint scanning
Usabilty of the chrome extension
The speed of the entire process of authenticating using a mobile device

What we learned

How to write a chrome extension
Cordova
Saving a partial hashed key to verify pin is correct, using the other piece to encrypt the data

What's next for Sesame

API that allows web services to use Sesame as the primary form of authentication.
Native push notifications
Link multiple devices to an account

Built With

Submitted to

HackDFW 2016
- Winner Third Place

Created by

I developed the backend using node and express. To allow for asynchronous authentication I learned to pass response objects between routes.

Sebastian Klingler
I made the Chrome extension. It was my first time developing a native extension. I learned about cross-tab communication.

Michael Theriot
Austin Stanley
Scott Haley

Updates

Sebastian Klingler started this project — Apr 17, 2016 10:00 AM EDT

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.