Opfes -
One Password For Every Site
Remember your user-id's and need only one password. That is what I will help you do.
Nice to meet you!
Hi, I am Opfes
Or with my full name: One Password For Every Site. That is my name and that is what you will be able to
do.
No more need for remembering lots of userid's and storing passwords in separate documents or tools. Only
one, easy to
remember and easy to type password, and I will take care of the rest. You will be logging in with
extremly
strong passwords,
your passwords will be different on every site and your passwords will not get stored anywhere, making
it
the
most secure way.
Demo
Take a minute to view this demo. Guaranteed, if you ever had any trouble with keeping your passwords
safe:
you will love it!
Login demo to 4 sites
The safest password helper
Why is my way of password-assistance far safer, and better in keeping your data safe compared to
other
password-helpers and browser-functions?
- First: No password storage.
- I do not store any of your passwords anywhere. I don’t need to. All I store is your user-id's
per
domain.
Other password-helpers require you to trust them with a list of your user-id-and-password
combinations. Although
they try to keep it safe by encrypting that datafile, that file can always get hacked or legally
opened by
some three-letter governmental institution, or used against your intention by the
password-helper’s company. Do you trust all of them?
- Second: I am Open Source.
- Most password-helpers are not open-source but proprietary, meaning they do not give you the
opportunity to look at the code. So, you have no way to tell what they actually do with the data
you
provided them.
- Third: I send nothing at all over the internet.
- The little data that you provide me, I will keep that confided to your computer/tablet/phone. I
never
ever send any of your data across the internet. Most password-helpers do. They even like to
store
your
data in 'The Cloud'. Do you trust the cloud?
- Fourth: You get Very-Strong-Passwords
- All your passwords will have the maximum strength available. A mix of up to 120 characters of
lowercase,
uppercase, numbers and special characters. Always at least one of each.
- Fifth: All code is simple and readable
- I kept my software as simple and readable as possible so even novice programmers will be able to
understand
the code entirely.
- Sixth: Phishing gets harder
- Because the password changes as soon as the domainname changes, malicious phishing criminals
will
receive a
different password then you actually use.
Getting started
Add Opfes to your browser
- Download me in one of the App-store's of
Google,
Microsoft or Apple. Once you added me to your browser,
you will see me appear in the bar.
Add your first site
- Go to a logon-page of any site
- Login like you used to
- Go to the change-password-page
- At the NewPassword input-box, enter your new opfes password next to my icon
- Click on my icon and the generated password will get copied to the new-password field
- Do the same at the confirm-password-field: enter your new opfes password next to my icon
- Now save your new password and log out.
Now log in with your Opfes-password
- Go to the login-page
- Enter your new opfes password next to my icon
- Click on my icon, the generated password will get copied to the new-password field
- Click on the regular Login-button, you should now get logged in.
No more phising
Using my login-technique makes any phising attempt unsuccesfull
- Always the wrong password
- Because I generate the password based on the active domainname, the password given by the Opfes
user to the malicious phishing criminals will differ from the password they are trying to
receive.
Even without the user being aware of this. And since it is a hashed password and they don't know
all
parameters, they are incapable of deducting the password for the intended site.
Fully protected against idn-phishing
Even when you are suffering a homograph attack, meaning visiting https://www.xn--80ak6aa92e.com/ will
show
www.apple.com in the url-bar, I will keep you safe. I will correctly give you the password belonging
to
https://www.xn--80ak6aa92e.com/ thus they will not get your password for your account on
www.apple.com!
For more info on this type of phising, see: https://www.xudongz.com/blog/2017/idn-phishing/
Frequently asked questions
- The logon-window says that the password you supplied me is wrong?
-
- First check if the user-id in the logon-window also matches the parameters you gave
me.
- Second if you used the password I supplied you, then one of parameters that you
supplied me
together
with your
password is different form when you first used the password I supplied you. Mind
you: they
are
case-sensitive.
- if First and Second fail, there is no other option, but to request a new password. I
have do
not
have
any
other password for you available. Sorry about that.
- I try to logon to site that is a slave of a single sign-on without automatic logon. How can
I get my
password.
- Open my settings window and change the domain-name to the domain of the single-signon
master.
I am very easy to use.
I will make it as easy as possible for you to log anywhere. It is enough to remember only one
password
and I will keep track of your user-id's.
Although using one password is relatively safe, you can be even safer if you use a different password
per
site. I would advise to do so, but that is up to you.
How does it work?
- When you enter any webpage, I check if the page contains a password-box.
- If so, I will recall the user-id from your previous login and prefill the userid-box with your
user-id.
- You enter your single opfes-password and click on the Opfes-login-button.
- I will generate your password, based on the password you provided, together with the domain name
and
some other values. This is why I do not store any password. I just regenerate the psasword you
need
every time you provide me your password.
- I will prefill the generated password and login.