For a little less than a year open source enthusiasts from all over the globe got together to work on an open source offline password keeper. We narrated our progress here on Hackaday and always asked our readers’ opinion when critical decisions were to be made.
Today, the wait is finally over: the Mooltipass crowdfunding campaign finally arrived.
In some of our Developed on Hackaday series posts we noticed that it was tricky for us to convey the benefits of the device we were developing. The first 3 minutes of our video therefore explain good security practices and how the Mooltipass can help users with their credentials security. For our readers that may not have followed our adventure since its beginning, the campaign’s text will provide them with a simple (yet detailed) explanation of what the Mooltipass can do. Finally, our geeky readers will find at the end of our write-up a few links supporting our claims. We would have liked offering cheaper pledges but we unfortunately need to hire professional javascript developers to finish our app & extension.
Our Mooltipass Developed on Hackaday series therefore come to an end. We would like to thank you for your support and hope that you enjoyed seeing an idea materialize into a crowdfunding-ready product!
It says it works on ‘all platforms and devices’ but that’s not really true. One big one that comes to mind instantly it iOS devices.
Could you not add bluetooth so that it could work with the iPhone/iPad etc? Or is there a security issue with that?
you can use USB OTG cables to connect the Mooltipass to iDevices.
Maybe you should update indiegogo since it specifies Android devices and doesn’t have any mention of iOS on the page.
I knew there were OTG cables for android but didn’t know they existed for apple devices.
Still, I wouldn’t buy one for my android tablet and then another for my iphone. Would rather just use bluetooth which is free for me.
Quick eBay search shows you can get an iOS USB OTG cable for under $5 shipped.
Yeah there are cheap cables available but the problem is they only support certain models and you usually have to throw them away after each iOS update because they get blocked since they’re not official apple hardware.
The ones I see for sale aren’t even compatible with iOS 8 yet and even if they were, they’d stop working by the next update.
In reality, I don’t think I’d use it on mobile devices anyway because you mostly have apps that are storing a login key and don’t require a username/password each time, so I guess it’s not such a big deal.
I’d imagine for most users it would just be permanently connected to a single system laptop/desktop computer.
StinkySteve: “have to throw them away after each iOS update because they get blocked”
The answer is obvious. Don’t buy shitty products from shady companies that block out 3rd party accessories in order to line their pockets.
wow what a shitty company, almost as bad as FTDI.
Take it to the apple store for inspection. That is what you pay for.
I had always assumed that you could use a USB keyboard with the iPad but a quick Google search indicates this isn’t necessarily true. Weird. (I don’t own an iPad.)
Its open source, so you are free to modify it to meet your specific needs…
Let’s hope you get the funding soon, pledged one!
(good writeup on the indiegogo page /video by the way)
thanks!
At at the goal of 100K$ and about 80$ per item, they would need a bit less than 1363, isn’t that quite a lot?
Only 100 units are at 80$ and 90$ rewards, the real price is 100$. That means that it need 1122 units. I’m pretty sure that some will add cards and some will buy the aluminium one, which will lower the number of device needed. I guess there will be people ready to donate too.
If someone like Bruce Schneier mentioned it on their blog it would be sold out.
The only problem is that it would reduce the number of people using his open source password safe software. https://www.schneier.com/passsafe.html
Interesting read on how to choose secure passwords though, may interest some people:
https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html
Quite a lot…? No. For any modern production electronics item, that’s a very small number. Setting up a modern production facility for anything less than 5k – 10k units is economically marginal, and the price breaks for parts in volume often only become attractive above 10k or so.
I’m really tempted but I’m put off by the size and having to buy OTG cables.
I’ve been looking at ‘The Final Key’ which is a similar project but not as smooth on the software side of things and doesn’t include secondary protection (like the smart card/pin).
Do you have any plans for a smaller version? Maybe I should consider making my own Mooltipass with an arduino nano bluetooth. But what smaller alternative could there be for the smartcard/pin? Maybe a nano simcard and some basic pin input.
It’s already about the size of a small smart phone. How much smaller do you need it to be?
Ideally closer to the size of a USB flash drive.
You and me both :-)
I don’t have the energy or time to put serious effort in to it, but I’ve got some decent design ideas for a USB thumb drive sized device based around cap-touch and a 1″ diag OLED display. The thing that has me stuck is finding a suitably small chip/pin slot and card: I haven’t been able to sample any sockets I’ve found, and I’ll probably have to punch down a full size card to get to ID-000. If ever I get something finished, I’ll definitely post to HaD :-)
funny that i discover your plans here ;)
Meh, I gave in and bought one haha. I do think there are improvements to be made but I want to support HaD. Even if there’s this weird ‘made by HaD, not made by HaD’ thing going on with this project.
Thanks a lot!
The Mooltipass project isn’t affiliated with Hackaday _at all_.
So the Evil Overlords won’t funnel profits into their pockets, or slip in a backdoor during production? How’d you get it past them? B^)
Not sure if I’m allowed to reveal the details, but from the start it was a common idea from some electronics enthusiasts.
Well yeah you say that but it’s developed by a HaD staff member, heavily promoted (inc. sticky posts I believe) on HaD and carries a ‘developed on hackaday’ moniker. I don’t think you could get any closer to being HaD hardware without putting the logo on it.
This.
To say that Mooltipass isn’t affiliated with HaD “_at all_” seems a bit disingenuous considering that HaD has been *very* involved with the development of the Mooltipass.
So it would seem that Indiegogo truncates whatever you enter in as cents so you’ll need to buy your extra cards in pairs. I figured a nice even 5 cards was reasonable (because why not). You might want to make a note of that, I’d have been more than happy to toss in an extra $1.50 for another card had I known, rather than essentially donating $1 (or shorting y’all $0.50)
I dont go with the size, the UX, the Logo or the Arduino-thing on the back. But it will be open source so that is something I will support. I will wait for a PCB only solution where I can but my own Display/UX on…
I liked the idea of the device from the beginning, but as long as it is big enough not to fit in a wallet i would not want to worry about not being able to login somewhere because i don’t have the thing on me.
So for V2, how about combining this: https://www.plastc.com/ and this http://eleccelerator.com/usb-business-card/
having kids around how like to fiddle with anything that is shiny and flashes. I can see the 3 pin tries and bricking a card getting old quite quickly…
This project received a ton of coverage on Hackaday (I honestly thought this was a Hackaday-sponsored project) and it sounds like there were a lot of contributors. But is this a non-profit crowdfunding campaign, or will contributors get a slice of the profits? If not, did Mathieu Stephan trick people into volunteering to contribute to his personal venture?
Maybe I should pose this question in a more general sense: what happens when people contribute to an open-source hardware project, and then the project creator starts a crowdfunding campaign? Are the contributors okay with that? Do they expect something in return?
Hey Mike,
The pledges were set so we could produce all the units and cover possible injection molding issues (among others). It is therefore very unlikely that this campaign will result in any major profit. Please note that I’m not expecting to be reimbursed for the $7k+ I personally invested in this adventure.
What was agreed with the contributors is that if there’s such a demand that we should venture in something bigger, share ownership will be representative of time invested in the project.
Thanks for the response, Mathieu. I hope I didn’t sound like a jerk. I just don’t have a good understanding of how open source projects transition to crowdfunding projects.
Mike,
No worries… I’m actually surprised nobody asked this question sooner ;).
So I couldn’t figure out how to tell it I wanted to buy extra cards with my earlybird buy other than “donating”, which I (possibly stupidly) didn’t do.
Can I separately buy a $5 “thankyou” reward, add $10 to it and get +10 cards included with my buy/reward? There doesn’t seem to be a way to add a note to express these things.
Better yet, I think you should add a $15 “send 10 more cards” reward option.
You raise a good point. I’ll add “7 more cards” for $10 pledge if that’s alright with you.
thanks. I just saw that now and was wondering whether I was blind to miss it before or whether it was new ;)
What happens if you don’t hit the indiegogo target? We all get refunded and then buy from your own shop at a higher price?
Also instead of finishing software and then doing production. Can’t you do production and then push out updates later?
If we don’t hit the target… well I’m not sure about the future yet.
Having commercialized several products before, it’s better to have everything ready then ship to the customers.
I do hope that the MP gets fully funded: but if it does not, I for one would be very interested in trying for a Mk 2 that is portable and an option for BT (more $) or just USB (less $). MP is great first gen, but there’s always room for further development :-)
Why aren’t you concerned about manufacturing in a country that embraces hacking and thinks that corporate espionage is acceptable?
you’ll be free to reprogram your device with the firmware compiled from the repo.
There is any information how the product cost was calculated? Price for components, box, assembly, etc? How the profit will be used?
You’ll find the pledge funding breakdown on the campaign’s page. Profits (if there are any) may be used to work on a mooltipass v2.