It's like SnapChat... for Passwords.

This is a web app that lets you share passwords securely.

Let’s say you have a password. You want to give it to your coworker, Jane. You could email it to her, but then it’s in her email, which might be backed up, and probably is in some storage device controlled by the NSA.

You could send it to her over chat, but chances are Jane logs all her messages because she uses Google Hangouts Chat, and Google Hangouts Chat might log everything.

You could write it down, but you can’t find a pen, and there’s way too many characters because your security person, Paul, is paranoid.

So we built SnapPass. It’s not that complicated, it does one thing. If Jane gets a link to the password and never looks at it, the password goes away. If the NSA gets a hold of the link, and they look at the password… well they have the password. Also, Jane can’t get the password, but now Jane knows that not only is someone looking in her email, they are clicking on links.

Anyway, this took us very little time to write, but we figure we’d save you the trouble of writing it yourself, because maybe you are busy and have other things to do. Enjoy.

Security

Passwords are encrypted using Fernet symmetric encryption, from the cryptography library. A random unique key is generated for each password, and is never stored; it is rather sent as part of the password link. This means that even if someone has access to the Redis store, the passwords are still safe.
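The scheme described above, as an added sketch that is not SnapPass's own code: a plain dict stands in for Redis, and the `~` separator, the token layout, the function names and the `now` parameter are assumptions made for illustration.

```python
"""One-time secret sharing with a per-secret Fernet key kept out of the store."""
import time
import uuid

from cryptography.fernet import Fernet, InvalidToken

SEP = "~"  # hypothetical separator between storage id and key inside the link token


def share(store, secret, ttl, now=None):
    """Encrypt `secret` under a fresh key, store only ciphertext, return the link token."""
    now = time.time() if now is None else now
    key = Fernet.generate_key()              # unique per secret, never written to the store
    storage_id = uuid.uuid4().hex
    ciphertext = Fernet(key).encrypt(secret.encode("utf-8"))
    store[storage_id] = (ciphertext, now + ttl)
    return storage_id + SEP + key.decode("ascii")   # the key travels only in the link


def reveal(store, token, now=None):
    """Return the secret once; None if already read, expired, or the key is wrong."""
    now = time.time() if now is None else now
    storage_id, _, key = token.partition(SEP)
    entry = store.pop(storage_id, None)      # delete on first access, success or not
    if entry is None:
        return None
    ciphertext, expires_at = entry
    if now >= expires_at:                    # unread secrets go away after the TTL
        return None
    try:
        return Fernet(key.encode("ascii")).decrypt(ciphertext).decode("utf-8")
    except (InvalidToken, ValueError):       # wrong key or malformed key
        return None


if __name__ == "__main__":
    store = {}                               # stand-in for the Redis store
    token = share(store, "constructed-sample-password", ttl=3600)
    print("store holds only ciphertext:", store)
    print("first read :", reveal(store, token))
    print("second read:", reveal(store, token))
```

Because the entry is popped before decryption, anyone who opens the link first consumes it, which is what lets the intended recipient notice that a link was already viewed.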

Requirements

Installation

$ pip install snappass
$ snappass
* Running on http://0.0.0.0:5000/
* Restarting with reloader

Configuration

Start by ensuring that Redis is up and running.

Then, you can configure the following via environment variables.

SECRET_KEY: a unique key that’s used for signing. This should be kept secret. See the Flask Documentation for more information.

DEBUG: to run Flask web server in debug mode. See the Flask Documentation for more information.

STATIC_URL: this should be the location of your static assets. You might not need to change this.

NO_SSL: if you are not using SSL.

URL_PREFIX: useful when running snappass behind a reverse proxy like nginx. Example: "/some/path/". Defaults to None.

REDIS_HOST: this should be set by Redis, but you can override it if you want. Defaults to "localhost"

REDIS_PORT: is the port redis is serving on, defaults to 6379

SNAPPASS_REDIS_DB: is the database that you want to use on this redis server. Defaults to db 0

REDIS_URL: (optional) will be used instead of REDIS_HOST, REDIS_PORT, and SNAPPASS_REDIS_DB to configure the Redis client object. For example: redis://username:password@localhost:6379/0

REDIS_PREFIX: (optional, defaults to "snappass") prefix used on redis keys to prevent collisions with other potential clients

HOST_OVERRIDE: (optional) Used to override the base URL if the app is unaware. Useful when running behind reverse proxies like an identity-aware SSO. Example: sub.domain.com

Docker

Alternatively, you can use Docker and Docker Compose to install and run SnapPass:

$ docker-compose up -d

This will pull all dependencies, i.e. Redis and the appropriate Python version (3.7), then start the SnapPass and Redis servers. The SnapPass server is accessible at: http://localhost:5000

Similar Tools

We’re Hiring!

Are you really excited about open-source and great software engineering? Pinterest is hiring!

Credits

“snappass” was originally written by Owen Coutts and Ryan Park.

It is currently maintained by Nicholas Charriere and Yongwen Xu from Pinterest.

Thanks a lot for the contributions of:

  • Owen Coutts

  • Ryan Park

  • Yongwen Xu

  • Nicholas Charriere

  • Samuel Dion-Girardeau

  • James W Thorne

  • Brandon Davis

  • Joseph Boiteau

  • Carlos Moreno

  • Donny Winston

  • James Barclay

  • Thomas Decaux

  • Lauri Lubi

Download files

Source Distribution

snappass-1.6.2.tar.gz (1.1 MB)

Uploaded Source

Built Distribution

snappass-1.6.2-py3-none-any.whl (1.1 MB)

Uploaded Python 3

File details

Details for the file snappass-1.6.2.tar.gz.

File metadata

  • Download URL: snappass-1.6.2.tar.gz
  • Upload date:
  • Size: 1.1 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.13

File hashes

Hashes for snappass-1.6.2.tar.gz
Algorithm Hash digest
SHA256 9f5057c416b35374d6c9ac32340cd05ea10e2b75c071211b5d12ebbd994adc03
MD5 8cd20d0490ad2d426461df01029ccfae
BLAKE2b-256 85da71203920a6eb03e4bbf72256246190049786335a18658e0024af261b9054

File details

Details for the file snappass-1.6.2-py3-none-any.whl.

File metadata

  • Download URL: snappass-1.6.2-py3-none-any.whl
  • Upload date:
  • Size: 1.1 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.13

File hashes

Hashes for snappass-1.6.2-py3-none-any.whl
Algorithm Hash digest
SHA256 190b4dcf9085620c57dfc4da42b315682630dc5dc3029d62f23d2d5ce1d8bb6a
MD5 2f866ef1bb44a89db6d407f374d0fc77
BLAKE2b-256 e45b42f7b2746339a0e02b169fd71e7577cf200c47e4f50a6ee9b8187d22a7b9
