We’re pretty sure that most of our readers already know it by now, but we’ll tell you anyway: the Hackaday community (writers and readers) is currently developing an offline password keeper, the Mooltipass. A month ago we published our first demonstration video and since then the development team has been fairly busy at work.
First things first: we heard (well, read) the comments you left in our previous articles and decided to make a small animation video that will hopefully explain why having an offline password keeper is a good thing. We welcome you to have a look at our script draft and let us know what you think. We updated our GitHub readme and more importantly our FAQs, so feel free to tell us if there are still some questions you have that we didn’t answer. We finally found a short but yet interesting paper about software based password keepers possible security flaws.
Secondly, a little more than 20 prototypes have successfully been assembled and some beta testers actually already received them. As they financially contributed to their units we offered them the possibility to pick a blue, green, yellow or white OLED screen (see picture above). We therefore expect things to gain speed as we’ll have users (or rather bosses) pushing us to improve our current platform and implement much needed features.
Finally, as I figured some of our readers may be interested, I made a quick video of the prototype assembly process (embedded below). It is still a little sketchy and a few changes will be made to make it simpler for production. We expect these next weeks to be full of interesting events as our beta testers / Hackaday readers will be able to judge the work we’ve been doing for so long. We highly recommend you to subscribe to our official Google group to stay updated with our adventures.
Two weeks ago we showed a first demonstration video of the offline password keeper (aka Mooltipass) the Hackaday community had been working on for the last 6 months. We received lots of interesting feedback from our dear readers and around a thousand of them let us know they were interested in purchasing the device. We agreed that preferential pricing should be offered to them, as they have been supporting this community driven project for so long.
For the next few days I will be touring Shenzhen and finally meeting the persons who have been assembling my electronics projects for the last 2 years, including the Mooltipass beta testers’ batch. I’ll also meet with Ian from Dangerous Prototypes, talk with the people behind the Haxlr8r program, visit Seeedstudio offices and a CNC shop. If everything goes well with the camera I just purchased in Hong Kong I should have nice things to show you. In the meantime, don’t hesitate to leave a comment below in case you’re in the area…
For months our dear Hackaday readers have been following the Mooltipass password keeper’s adventures, today we’re finally publishing a first video of it in action. This is the fruit of many contributors’ labor, a prototype that only came to be because of our motivation for open hardware and our willingness to spend much (all!) of our spare time on an awesome project that might be just good enough to be purchased by others. We’ve come a long way since we started this project back in December.
In the video embedded above, we demonstrate some of our platform’s planned functionalities while others are just waiting to be implemented (our #1 priority: PIN code entering…). A quick look at our official GitHub repository shows what it took to get to where we are now. What’s next?
We need your input so we can figure out the best way to get the Mooltipass in the hands of our readers, as our goal is not to make money. The beta testers batch has just been launched into production and I’ll be traveling to Shenzhen in two weeks to meet our assembler. When materials and fabrication are taken into account we expect each device to cost approximately $80, so please take 3 seconds of your time to answer the poll embedded below :
The Hackaday community is currently working on an offline password keeper, aka Mooltipass. The concept behind this product is to minimize the number of ways your passwords can be compromised, while generating and storing long and complex random passwords for the different websites you use daily. The Mooltipass is a standalone device connected through USB and is compatible with all major operating systems on PCs, Macs and Smartphones. More details on the encryption and technical details can be found on our github repository readme or by having look at all the articles we previously published on Hackaday.
As you can see from our commit activity these last weeks have been extremely busy for us. We finally have a firmware that uses all the different libraries that our contributors made but also a chrome plugin and extension that can communicate with our Mooltipass. We’re very happy to say that our system is completely driverless. A video will be published on Hackaday next week showing our current prototype in action as some of the contributors are already using it to store their credentials.
We selected 20 beta testers that will be in charge of providing us with valuable feedback during the final stages of firmware / plugin development. Selection was made based on how many passwords they currently have, which OS they were using but also if they were willing to contribute to the prototype production cost. We expect them to receive their prototypes in less than 2 months as the production funds were wired today.
We think we’ve come a long way since the project was announced last december on Hackaday, thanks to you dear readers. You provided us with valuable feedback and in some cases important github push requests. You’ve been there to make sure that we were designing something that could please most of the (non) tech-savy people out there and we thank you for it. So stay tuned as in a week we will be publishing a video of our first prototype in action!
The last few weeks have been quite tense for the Mooltipass team as we were impatiently waiting for our smart cards, cases and front panels to come back from production. Today we received a package from China, so we knew it was the hour of truth. Follow us after the break if you have a good internet connection and want to see more pictures of the final product…
We’re pretty sure that most of our readers already know it by now, but we’ll tell you anyway: the Hackaday community (writers and readers) is currently developing an offline password keeper, the Mooltipass. As it has been more than two weeks since we wrote an article about our progress, today’s will be about the Mooltipass front panels and our beta testers program.
At the end of our mechanical design rundown article we showed that we were originally planning to put a slightly tinted acrylic panel on top of our device. We however could still make out the Mooltipass’ insides, which wasn’t in line with the nice professional look we wanted. We then designed another front panel, one which was transparent above the OLED screen/LEDs and opaque (black) on top of the rest. To our surprise the result still wasn’t as good as we had hoped, as the contrast between the front panel and the screens/LEDs was too big. We finally came up with the panel shown above (see GitHub repository folder) which combines the two techniques previously described. As it is still in China, we’ll show you the final result when we get it in our hands.
We launched around 10 case prototypes in production, they will soon be shipped to our current contributors/advisers together with the smart cards chosen by Hackaday readers. In the meantime we sent our official call for beta testers to our mailing list recipients and hackaday.io followers, in which we asked them to fill a small form that will allow us to know them a bit better. We asked about their home/work computer setup, their level of expertise, their willingness to contribute to the prototype cost and finally specifics about who would use the Mooltipass they’d receive. We are targeting a broad range of users but also testers that will provide us with detailed feedback and clear bug reports.
We also spent quite a while searching for cheaper alternate parts that could be sourced in relatively big quantities. This is usually an overlooked aspect of a project so we preferred to tackle this as soon as possible. In a few weeks the contributors and I will receive all the components required to assemble our final prototype (front panels / case / top & bottom PCBs / smart cards) and it will be time to write a new update. Want to stay informed? You can join the official Mooltipass Google Group or follow us on Hackaday Projects.
For the last few weeks we’ve mostly been improving our current PCBs and case design for the production process to go smoothly. The final top PCB shown above has been tweaked to improve his capacitive touch sensing capabilities, you may even see a video of the system in action in the Mooltipass project log on hackaday.io. We’ve also spent some time refining the two most popular card art designs so our manufacturers may print them correctly. We’ll soon integrate our updated USB code (allowing the Mooltipass to be detected as a composite HID keyboard / HID generic) into the main solution which will then allow us to work on the browser plugin.
It’s also interesting to note that we recently decided to stop using the GPL-licensed avrcryptolib. Our current project is CDDL licensed, allowing interested parties to use our code in their own project without forcing them to publish all the remaining code they created. The GPL license enforces the opposite, we therefore picked another AES encryption/decryption implementation. This migration was performed and checked by our dedicated contributor [Miguel] who therefore ran the AES NESSIE / CTR tests and checked their output, in less than a day.
We’re about to ship the first Mooltipass prototypes to our active contributors and advisers. A few weeks later we’ll send an official call for beta testers, just after we shown (here on Hackaday) what the final product looks like. Don’t hesitate to ask any question you may have in the comments section, you can also contact us on the dedicated Mooltipass Google group.