snopf is a Tiny USB password token
snopf is a very simple, yet effective and easy to use USB password tool. The snopf USB device creates a unique and strong password for every service from the same 128 bit secret which never leaves the token.
Whenever snopf is plugged into the computer you can make a password request and then the red LED will light up. If you press the button within 10 seconds snopf will imitate a keyboard and type the password for the requested service.
snopf is designed as a hardware-based password generator to tackle the security issues most commonly encountered with stored passwords on ordinary PCs, such as reading of password files by malware or browser exploits. It generates passwords deterministically from a securely kept master secret unaccessible to software running on the host.
Advantages of snopf
- Very simple and robust design
- Easy to use
- You don’t have to remember any passwords anymore (except preferably a master PIN for snopf)
- Every password is unique and as strong as the accessed service allows
- The actual password creation is only happening on the USB device
- It is possible to restore all passwords from a 12 word mnemonic representing the 128 bit secret
- It’s more secure than a common pure software based password manager because the password creation is physically detached from the computer
- As snopf emulates a regular keyboard, no passwords are stored in the clipboard
more details about the snopf project can be found on github.com