gPass : global Password for Firefox and Chrome Introduction gPass is an online, open source and self hosted password manager. It helps you to have a different and complex password for every account you own while only remembering one (or multiple) passwords ! To have a high level of security, all information is stored encrypted (salt + AES 256-CBC). Nothing is stored on client. The decryption is done on the fly when its needed and only with user input. So, a hacker can get your password database, it will not be able to see any information (except if it brute force or leak your masterkey) ! Thus its important to choose a strong masterkey ! Usage First thing is configuration : 1) Enable the extension for private browsing 2) Install your server (see below), or use the demonstration one and create your accout 2) Go to extension options and configure your server address ('https://server name/account') 3) Populate your password database. You can use '*' character to access to all subdomains of a specific website (ie *.google.com). Then usage : When youre in a login form and you want to use gPass, type your login (case sensitive !) and fill '@@masterkey' in password field (only if gPass icon is green !). Then submit and password will automatically be replaced by the one in the database (after addon decrypt it). **You can also type '@_masterkey' to only replace your password without automatic submit. This allows to support more websites.** Another option is to enter your credentials in the new popup menu by clicking on gPass icon. If its possible, gPass will auto fill password field, if not result password is stored into your clipboard. **Popup path is a safest method as website page will never see your masterkey.** ** Warning ** : Sometimes, addon could make some websites unusable, especially for login form. In this case, you can deactivate it for only one website by clicking right on gPass icon and 'disable or enable gPass for this website' in addon menu. Its a local configuration, so it must be done for each browser. gPass can also be disabled for ALL websites thanks to addon menu 'Disable or enable gPass for ALL websites'. _When gPass is disabled, you can still use popup feature_. Server To host a password server, you need a webserver. Just copy server files in a directory read/write for web server user (www-data). A sample apache2 configuration file is available in resources. Since v0.8 and the use of Crypto API, **its manadatory to have an HTTPS access (valid SSL/TLS certificate) to the server**. Without that, the decryption will fails. Configuration parameters are in conf.php A demonstration server is available [here](https://gpass-demo.soutade.fr). Its the default server configuration for fresh installed addon (user demo). **Warning** The master key derivation is partially based on account URL. So its linked to your current server information. You cant move databases from servers with different URLs, you need to export them and import it again. **Server side is available [here](http://indefero.soutade.fr/p/gpass/downloads)** Client Just install the package. You can have debug information by setting DEBUG in main.js. License All the code is licensed under GPL v3. Source code is available [here](http://indefero.soutade.fr/p/gpass). Privacy Policy Privacy Policy can be found at http://indefero.soutade.fr/p/gpass/source/tree/master/PrivacyPolicy.md
You can Follow the below Step By Step procedure to install the gPass Chrome Extension to your Chrome Web browser.
It is the gPass Chrome extension download link you can download and install Chrome Browser.
Quickly encode or decode string with a certain encryption or get the query for a certain web hacking method.
The all in one Red team extension for web pentester
High security encryption for email. PassLok is in no way associated with Gmail, Yahoo, or Outlook.
Intuitive Password® streamlines your web login experience, allowing you to access any website with just a single click.
Pwd'hash' 1.7 for Chrome. Automatically generates per-site passwords if you prefix your password with @@ or F2.