Opfes - One Password For Every Site

Remember your user-id's and need only one password. That is what I will help you do.

Nice to meet you!

Hi, I am Opfes

Or with my full name: One Password For Every Site. That is my name and that is what you will be able to do. No more need for remembering lots of userid's and storing passwords in separate documents or tools. Only one, easy to remember and easy to type password, and I will take care of the rest. You will be logging in with extremly strong passwords, your passwords will be different on every site and your passwords will not get stored anywhere, making it the most secure way.

Demo

Take a minute to view this demo. Guaranteed, if you ever had any trouble with keeping your passwords safe: you will love it!

Login demo to 4 sites

The safest password helper

Why is my way of password-assistance far safer, and better in keeping your data safe compared to other password-helpers and browser-functions?

First: No password storage.
I do not store any of your passwords anywhere. I don’t need to. All I store is your user-id's per domain. Other password-helpers require you to trust them with a list of your user-id-and-password combinations. Although they try to keep it safe by encrypting that datafile, that file can always get hacked or legally opened by some three-letter governmental institution, or used against your intention by the password-helper’s company. Do you trust all of them?
Second: I am Open Source.
Most password-helpers are not open-source but proprietary, meaning they do not give you the opportunity to look at the code. So, you have no way to tell what they actually do with the data you provided them.
Third: I send nothing at all over the internet.
The little data that you provide me, I will keep that confided to your computer/tablet/phone. I never ever send any of your data across the internet. Most password-helpers do. They even like to store your data in 'The Cloud'. Do you trust the cloud?
Fourth: You get Very-Strong-Passwords
All your passwords will have the maximum strength available. A mix of up to 120 characters of lowercase, uppercase, numbers and special characters. Always at least one of each.
Fifth: All code is simple and readable
I kept my software as simple and readable as possible so even novice programmers will be able to understand the code entirely.
Sixth: Phishing gets harder
Because the password changes as soon as the domainname changes, malicious phishing criminals will receive a different password then you actually use.

Getting started

Add Opfes to your browser

  • Download me in one of the App-store's of Google, Microsoft or Apple. Once you added me to your browser, you will see me appear in the bar.

Add your first site

  • Go to a logon-page of any site
  • Login like you used to
  • Go to the change-password-page
  • At the NewPassword input-box, enter your new opfes password next to my icon
  • Click on my icon and the generated password will get copied to the new-password field
  • Do the same at the confirm-password-field: enter your new opfes password next to my icon
  • Now save your new password and log out.

Now log in with your Opfes-password

  • Go to the login-page
  • Enter your new opfes password next to my icon
  • Click on my icon, the generated password will get copied to the new-password field
  • Click on the regular Login-button, you should now get logged in.

Get your password here

You can even get your password right here, if you know your domain, user-id and other needed variables. Fill out this form and press 'Get your password'.

No more phising

Using my login-technique makes any phising attempt unsuccesfull

Always the wrong password
Because I generate the password based on the active domainname, the password given by the Opfes user to the malicious phishing criminals will differ from the password they are trying to receive. Even without the user being aware of this. And since it is a hashed password and they don't know all parameters, they are incapable of deducting the password for the intended site.

Fully protected against idn-phishing

Even when you are suffering a homograph attack, meaning visiting https://www.xn--80ak6aa92e.com/ will show www.apple.com in the url-bar, I will keep you safe. I will correctly give you the password belonging to https://www.xn--80ak6aa92e.com/ thus they will not get your password for your account on www.apple.com! For more info on this type of phising, see: https://www.xudongz.com/blog/2017/idn-phishing/

Frequently asked questions

The logon-window says that the password you supplied me is wrong?
  • First check if the user-id in the logon-window also matches the parameters you gave me.
  • Second if you used the password I supplied you, then one of parameters that you supplied me together with your password is different form when you first used the password I supplied you. Mind you: they are case-sensitive.
  • if First and Second fail, there is no other option, but to request a new password. I have do not have any other password for you available. Sorry about that.
I try to logon to site that is a slave of a single sign-on without automatic logon. How can I get my password.
Open my settings window and change the domain-name to the domain of the single-signon master.

Try me out!

NB. At this point in time, this will only work after the Opfes' webextension has been installed and userdata containing opfes.com has been loaded.
  • Enter 'demopassword' in my password-field (not in the regular one)
  • Press enter and see the generated password get copied to the regular password field.
  • Press the Login button and you succesfully logged on.

I am very easy to use.

I will make it as easy as possible for you to log anywhere. It is enough to remember only one password and I will keep track of your user-id's.

Although using one password is relatively safe, you can be even safer if you use a different password per site. I would advise to do so, but that is up to you.

How does it work?

  • When you enter any webpage, I check if the page contains a password-box.
  • If so, I will recall the user-id from your previous login and prefill the userid-box with your user-id.
  • You enter your single opfes-password and click on the Opfes-login-button.
  • I will generate your password, based on the password you provided, together with the domain name and some other values. This is why I do not store any password. I just regenerate the psasword you need every time you provide me your password.
  • I will prefill the generated password and login.