gPass

gPass Commit Details

Date:2017-12-05 08:06:48 (1 year 13 days ago)
Author:Grégory Soutadé
Branch:master
Commit:b216ec99285ec72cfaf7b05b781414f6163eedd1
Parents: da4a99a6ef93f36b991498e6daaacc7fc26400a9
Message:Add Privacy Policy information

Changes:
APrivacyPolicy.md (full)
MChangeLog (1 diff)
Mchrome_addon/lib/main.js (1 diff)
Mchrome_addon/manifest.json (1 diff)
Mfirefox_webextension/manifest.json (1 diff)

File differences

ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
113
214
315
**v0.8.1 :**
Server
* Scroll to page bottom when user adds a new password
Addon
* Add Privacy Policy information
CLI
**v0.8 :**
Server
PrivacyPolicy.md
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
gPass web browser extension Privacy Policy
------------------------------------------
## Information we collect ##
The gPass extension collect three information once invoked :
* Site address URL
* Login name
* Master key
## How we use information we collect ##
Once collected, site address and login name are crypted by a derived version of your master key.
It's then sent to the server you configured in extension configuration page for comparison.
This server has been set up by the user himself (recommended) or by a provider he trust in.
The database that the server access to do comparisons only contains the crypted
version of your information. They are never decrypted in the server side.
If a comparison match, the real password is sent back to your extension were
it's unencrypted using the same key.
Finally, the application context is cleared and nothing is retained in memory
nor written anywhere.
## Accessing and updating your personal information ##
As a user, you can add, edit and delete your crypted information through
the web interface of the configuration defined server.
During these operations, no clear information is sent to the server.
## Information we share ##
Nothing is shared with anyone. Nor on extension side nor on server side.
## Information security ##
Information transmitted to the server are done through an HTTPS AJAX request.
Data are crypted using AES 256 CBC algorithm and the master key is prior
derived using PKBDF2 algorithm.
chrome_addon/lib/main.js
458458
459459
460460
461
462
463
464
461465
console.log("Self test OK !");
}
console.log("Welcome to gPass web extension v0.8.1 !");
console.log("Privacy Policy can be found at http://indefero.soutade.fr/p/gpass/source/tree/master/PrivacyPolicy.md");
console.log("");
//self_test();
chrome_addon/manifest.json
33
44
55
6
6
77
88
99
"name": "gPass",
"short_name": "gPass",
"version": "0.8",
"version": "0.8.1",
"description": "gPass : global password manager",
"icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"},
"author" : "Grégory Soutadé",
firefox_webextension/manifest.json
33
44
55
6
6
77
88
99
"name": "gPass",
"short_name": "gPass",
"version": "0.8",
"version": "0.8.1",
"description": "gPass : global password manager",
"icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"},
"author" : "Grégory Soutadé",

Archive Download the corresponding diff file