Inspiration

So at the start of September somebody made fradulent purchases on my credit card. Then someone tried to get into my facebook. I don't believe in coincidences, so it was time to nuke the planet from orbit and change my passwords.

Unfortunately, I'm guilty of password reuse. So, I wanted something that would generate 128-bit hashes and would make keeping track of them easy.

Oh, and I wanted it to be cool.

What it does

It's basically a chrome extension that generates passwords and stores them to a mongodb/node instance on heroku.

The kicker is that to access it, you have to use a totem. Your totem is a unique item that you use instead of a traditional passcode or number string ala text. It's multifactor authentication that requires both a user's phone and knowledge of what their totem is.

How I built it

Clarifai's api powers image recognition. Due to time constraints, sadly no custom learning, but it's typically accurate enough that I didn't have any problems with obscurity.

Chrome extension was javascript and jquery. I used Cordova with the Intel XDK to build the phone app. Lastly, node on a heroku instance and a mongolabs instance to tie everything together.

Challenges I ran into

I was originally going to use react native but they don't have support for camera on android yet... or really ios, for that matter. Then, I found out Cordova 5 is absolutely broken when it comes to making http requests. A lot of time was spent trying to find solutions to pretty much insurpassable problems. Eventually I just reverted to an older version of Cordova - this forced me to tone down the mobile app greatly.

Accomplishments that I'm proud of

This was my first time building a chrome extension and my first foray into taking photos on mobile. I'm really, REALLY proud of getting this all tied together - there was a point at 7:00 where I didn't think I would make it to demo.

What I learned

Don't trust Cordova.

I jest :) It was really cool to work with clarifai's api and I'm sure that I'll use it in the future. Also, it was nice to build a chrome extension for the first time - getting used to the nuances of working on the extension was more than worth it.

What's next for Totem

I cut a lot of corners and did some things that are insecure as hell - so yeah, as a password vault, those need to get fixed. I plan on using this for personal use first, so I'm going to improve the UX before going public with it.

Eventually I'd like to get some custom image training and put this out on the chrome app store + google play store.

Share this project:

Updates