smart-pass

smart-pass

Fill in login forms using an OpenPGP-enabled smart card

What is smart-pass?
Smart-pass is a Chrome extension designed to boost the security of your online accounts. It leverages OpenPGP-enabled smart cards to fill in login forms. This intuitive extension works seamlessly with a Google Drive-synced password store encrypted using an RSA key stored on your smart card. Compatible with different smart cards and operating systems, Smart-pass revolutionizes account security while streamlining and enhancing user experience.
Stats
Rating: 3.83 (6)
Version: 0.9.8 (Last updated: 2020-05-14)
Creation date: 2020-05-14
Risk impact: High risk impact
Risk likelihood: Low risk likelihood
Manifest version: 2
Permissions:
  • activeTab
  • alarms
  • clipboardWrite
  • contextMenus
  • identity
  • idle
  • https://www.googleapis.com/drive/v3/files/*
  • chrome://favicon/*
  • http://*/*
  • https://*/*
Size: 290.82K
Stats date:

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension
Summary

UPDATE: Due to collisions with the global keyboard shortcuts on Chrome OS, the default shortcut for this extension has been changed to Ctrl+Shift+P (resp. Cmd+Shift+P on Mac). The keyboard shortcut can always be changed under chrome://extensions/shortcuts.

Fill in login forms using an OpenPGP-enabled smart card.

*** NOTE: This extension requires the Google Smart Card Connector extension https://chrome.google.com/webstore/detail/smart-card-connector/khpfeaanjngmcnplbdlpegiifgpfgdco to be installed and enabled. ***

This extension is meant to be used with a Google Drive™-synced password store generated by zx2c4's ‘pass’ https://www.passwordstore.org and encrypted using an RSA key stored on a smart card such as a YubiKey, Nitrokey or a Fellowship smart card.

It is compatible with one of the two storage formats supported by Danny van Kooten’s ‘browserpass’ https://github.com/dannyvankooten/browserpass, which this extension is based on. This storage format is also used by the Android app ‘Password Store’ https://github.com/zeapo/Android-Password-Store. For example, encrypted password files for a login form at ‘https://(www.)login.domain.com/secure.html’ can be stored in any Google Drive™ folder called ‘login.domain.com’ and should have file names of the type ‘username.gpg’, where username is replaced by the username used to log in. The content of the files are the GPG-encrypted passwords for the respective username. Both raw and ASCII armored encrypted files are supported. There can be multiple logins and/or folders per domain and these files can be encrypted using keys on different smart cards. The decryption request will be sent to the smart card with the matching public key.

On first use, the extension will request read-only access to your files on Google Drive, which is needed to find and read encrypted password files. It will also trigger a warning message from the Smart Card Connector extension, since this extension is not contained in its whitelist of smart card middleware applications.

The smart card PIN (or any other user data) is never stored and is only kept in memory for as long as necessary (or requested by the user in case of PIN caching). The extension requests exclusive access to the smart card reader.

See more
User reviews
Нихрена не работает. Оно и не удивительно.
by Kosebamse Kosebamse, 2020-01-08
View all user reviews
Safety
Risk impact

smart-pass is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this extension. Review carefully before installing. We recommend that you only install smart-pass if you trust the publisher.

Risk likelihood

smart-pass has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details
Screenshots
Similar extensions

Here are some Chrome extensions that are similar to smart-pass: