Introduction
I've been working on and using C'YaPass (password generator / manager) for over 8 years now but I haven't invested a lot of time to explain how it can help make your life easier so I am writing a series of articles to do that.
First Problem: You Need Your Passwords Everywhere
I use all of the following devices on a daily basis:
- iPad Pro
- Windows 10 Laptop
- iPhone
- Linux desktop (Ubuntu 22.04.2 LTS)
I need to be able to sign on from any one of these devices at any time.
I’m writing this article in Google Docs on my iPad while sitting on my front porch and when I need to sign into my Google account I need my password to be available.
I previously had an Android phone and needed my passwords there too.
C'YaPass WebApp Runs On All Devices
C’YPass makes that possible because the Web App will run on any device. That means no matter where you go you can get to your passwords.
Even if you are using a public computer or you've gone online on a friend's computer, you’ll be able to get your passwords.
C’YaPass Doesn’t Store You Passwords On Any Device
However, keep in mind that C’YaPass never stores your passwords anywhere. That’s a big deal because it keeps your passwords more secure than any other system.
C’YaPass Generates Your Passwords
C’YaPass uses your (required) SiteKey and (required) geometric pattern and if you choose, your Multi-Hash* value to generate a random password every time you use the system and select the SiteKey.
*More about Multi-Hash in an upcoming article in this series.
Since the password itself is generated every time, you never have to worry about your passwords being stolen from your system or some cloud account.
It sounds impossible to reproduce the generation of a random password every time, but there is a much longer explanation of this here in my older LinkedIn article at: https://www.linkedin.com/pulse/destroy-all-passwords-never-memorize-password-again-roger-deutsch/
Try C'YaPass: No Installation Required
You can try it out right now in your web browser on whatever device you're reading this article from. Here's a quick step-by-step guide to what it will look like when you try it.
Step-By-Step Guide
Go to the Web App on the official C'YaPass site: https://cyapass.com/js/cya.htm
You'll see the following:
Add a new SiteKey -- this is a mnemonic to remind you which site you are using this password for. It is used in conjunction with your geometric pattern (in the next step) to generate your random password. I'll Click the [Add] button and add a new SiteKey : bigBank
A pop-up dialog will appear and I will set all of the Password Requirements that the site forces me to use. A Password Requirement is any one of those annoying things you have to remember when creating your password (use uppercase, include special character, password can only be a certain max length (a ridiculous requirement)). Once you filled all of those out you'll see:
Creating SiteKey with password requirements
Click the [OK] button and your new SiteKey will be saved with the associated Password requirements and you'll see the main page again with the new SiteKey available.
Now, let's draw a pattern in the grid on the right and our randomly generated password will appear. Please note, you probably do not want to ever use the pattern I'm showing below. It the same geometric pattern I use for all my samples. Since the SiteKey and the geometric pattern are used to generate the random password, you need to keep them secret.
Password is generated & copied to clipboard
I've highlighted two important areas (in green boxes) in the previous snapshot. The first area (on left) is showing the Password Requirements that have been set because we chose this SiteKey (bigBank) which has all three of them set.
The second area (on right) is the generated password. However, you will notice that the password doesn't yet include a special character. That's because we need to type one in the Special Characters text box.
C'YaPass requires that you type that special character each time you start the app for one more level of security. However, when you type that special character in there, it will use that character for any other SiteKeys that you select making less work for you to do. We'll use the special character $ (dollar sign). As soon as you type the special character in, the password will be updated to include it
Special character is added
Adding a 2nd SiteKey
Now, let's see how easy your life will be using C'YaPass when you have many more sites you need to log into (more SiteKeys) by adding a new one. Click the [Add] button again and add a new SiteKey: myMail@gmail.com -- We'll make the only password requirement to use a Special Character so you can see how that works.
As soon as you click the [OK] button to save the SiteKey A) The SiteKey will be added to your list B) the new password will be generated C) The special character will be added automatically to the password D) the password will be copied to your clipboard so you can paste it into the site where you need to login.
64 character password is generated with special character
Take note of a couple of things. First of all the 64 character password is generated and since this SiteKey includes a special character and you've already typed it into the text box it is automatically included in the generated password. The app also copies your password to your system clipboard so you can easily paste it into the your site to login. However, some web browsers (especially on iPhones) don't always run the copy to clipboard command properly.
That's where the green highlighted button to the left comes in: it is the copy-to-clipboard button. If the password isn't copied automatically just click the button and it'll be copied.
Now you know the basics of using C'YaPass.
SiteKeys Are Never Transferred Anywhere
The SiteKeys you create in your browser will only be available on that particular browser on that particular device. They are never transferred anywhere. You own your SiteKeys and you decide where you will use them.
Destroying The SiteKeys
As a matter of fact, you can destroy all the SiteKeys you created in our practice session above by simply clicking the [Remove All SiteKeys] button.
When you click the [Remove All SiteKeys] button you will have a chance to [Cancel] the operation. A dialog box will popup and warn you. If you want to keep the SiteKeys, just click the [Cancel] button. If you do want to destroy them, click the [OK] button and they will be permanently deleted.
Warning: There is no way to get them back after you destroy them.
Popup dialog allows you to cancel removing all SiteKeys
How Do You Get Your SiteKeys On All Devices?
But, if the SiteKeys (along with your geometric pattern) are required to generate all of your passwords then how can we get them onto all your other devices?
Answer: Export & Import
That's where the Export & Import SiteKey functionality comes in. But that is for another article in the series.
If you're really interested in how that works you can read a previous article I wrote up on the CodeProject.com web site at: https://www.codeproject.com/Articles/5338047/C-YaPass-The-Best-Password-Manager-You-ve-Never-Us
Thanks for reading my article and checking out C'YaPass.
More To Discuss: Future Articles
There's a lot more to discuss so here's a list of topics for upcoming articles (one released every day):
- Getting the desktop app (Can be installed on all major Operating Systems (MacOS, Linux, Windows 10/11)
- Getting the Android app
- Typing Strong Passwords Using Your Thumbs Is Terrible (Making Mobile easier)
- Switching To A Password Manager Is A Pain (But It Doesn't Have To Be)
- Passwords Are Difficult To Share (But It Doesn't Have To Be)
- Web Sites Have Stupid Password Requirements
- There Are Too Many Things to Sign Into & Too Many Passwords
Getting The App Now: Spoiler Alert
Windows App Store
You can install the Windows app from the Windows App Store: https://apps.microsoft.com/store/detail/cyapass/9PFD82D1Z7RW?hl=en-us&gl=us
Google Play
You can install the Android app from Google Play: https://play.google.com/store/apps/details?id=app.actionmobile.cyapass
Linux Snapcraft
You can even install the desktop app directly to your Linux distro from Snapcraft:
MacOS Installation
I'll update the official site (https://cyapass.com) with the MacOS DMG (installation file) very soon.
Top comments (2)
Looks cool. Are the patterns absolute co-ordinate specific? In other words, if I draw that same shape in the top corner, does it register as being the same as if I draw it in the middle of the grid?
Thanks very much for reading and commenting.
The patterns are coordinate specific. A square in the top corner will not produce the same value as a square in the middle of the grid.
This provides far more values to be created from the location and the shape and randomizes things much more and makes it far more difficult for someone to guess your geometric pattern since it has to be the same shape in exact same location.
The nice thing however, is that if you draw your pattern in the same location but in a different order than you originally drew the shape it will still generate the same value. That way you don’t have to remember the exact order you drew the shape in.