Passy

  • List
  • Sync
  • Settings
  • Help

    • All locally stored source data values are displayed in the list below. If you click on any of the items, it will clear that value, removing it from storage. If you make a mistake when entering a passphrase, this is the easiest way to fix it.

    Advanced options

    Clear ALL stored data values from: and/or

    You can also clear ALL app data from Session Storage just by closing the browser tab or app window. Refreshing the page won't work, you have to fully close the tab/window to end an active session. That is not specific to this app, but a feature of every modern browser engine.

    There is no quick button to clear other types of persistent local storage data, nor anything from the internal indexed database. Doing so would erase all of your created rules and settings. If you are using the sync service, it would also erase your sync account info from this copy of the app. If you really want to clear everything and reboot the app back to a factory setting, there will be instructions of how to do so in the Help section. I'd obviously recommend exporting your data to a file and/or using the sync service before doing so!

    This data source is not for general use.

    rule.id

    Please enter the secret value (a password or pass-phrase) for the {data-name} local data value, which is being used by one or more password generation rules in your database.

    If you make a mistake in your secret value and need to change it, you can find instructions of how to do so on the Help tab.

    Welcome to Passy!

    It appears this is the first time you have opened Passy 6 with this device or web browser. If you were a user of Passy 5 or earlier, you will have an account on the Passy 6 Sync Service that will have all of your original rules available on it; if that is the case you should click the Login button below. If you have no idea what Passy is and have never had an account set up for you, then you can use the app entirely offline by simply clicking the Continue button.

    Either way, once you have clicked either one of those buttons, this dialog will no longer be shown when you open this app instance. Just remember that every device and/or browser you use will create a separate app instance and will show this the first time its opened.

    Creating a new rule

    The rule identifier must be a unique string, such as an email address (my.name@gmail.com), site domain name (amazon.com), or if you have more than one account on a site, I like to use an e-mail-like id with my username at the site (warrior1@battle.net).

    Once you have created the rule, the identifier cannot be changed, so make sure it's exactly what you want before you continue!

    Template:

    Preset:

    Sources
    rule.id

    Rule Settings

    Standard presets are composed into your rule directly, and aren't remembered once set.

    Custom presets as linked to your rule by reference, and will be remembered unless removed.

     

    More settings…

    These settings are generally handled by the Presets, but if you want you can fully customize the rules to your exact liking.

    The newer algorithms all use the bit size as their suffix. More bits = longer password.

    This is not recommended for general use. It's intended only for sites that require a code consisting of only decimal numbers.

    Data Value Sources 0

      Customisations 0

        Notes 0

          Import & Export
          DataVault is a custom format that obfuscates the rules so they aren't directly readable. This is recommended for most common use-cases.
          JSON is a standard data interchange format that is able to be read as plain text. This is meant for advanced purposes such as debugging or interop with other systems that can parse JSON data.
          You will be prompted to download and save the file. Make sure to store it somewhere secure!

          Sync Service
          The default service does NOT currently offer public registration. Existing users of previous versions of Passy will have had an account created automatically and will have the details e-mailed to them. Anyone else can use the manual import/export feature, or wait until I implement a registration system that can weed out bots.
          logged in as
            

          Login to Sync Service

          Each app instance that connects to the service should be given a human-readable name. A simple name like my laptop, would work. If you use more than one browser on a device, you can include the browser in the name: firefox@hostname; it's entirely up to you. This field is optional, but if you skip it, it will be more difficult to identify individual instances in the Sync service session list.

          Listing & Queries

          Regular Expressions are a formal query syntax that allow for far more complex search patterns.

          Accessibility Options

          Simply drag list items in the editor to rearrange them. This is enabled by default.

          The UI for this is rather messed up on touch-screen devices at the moment. It works, but doesn't show the element being dragged properly. Until I write my own Drag+Drop Touch library to replace the third-party one I'm using, I don't think its fixable.

          As an alternative to dragging list items, you can add extra action buttons that allow you to move the item up or down in the list.

          Advanced Settings

          This will add a bunch of features I consider fairly technical. Knowledge of cryptography and JSON is recommended!

          This will add a few features I consider extremely technical. Knowledge of Javascript is required!

          Overview

          Passy is an unconventional password management app. Instead of saving your plain-text passwords, it saves a set of rules that are used to generate unique passwords for each site.

          As of Passy 6.0 this is a progressive web app (PWA), which in practical terms means by default it stores its data on your device rather than on a server. There is an optional Sync Service that will let you easily keep your rules synced between multiple copies of the app running on whatever devices you want.

          Listing Screen

          The listing screen's behaviour depends on the listing type that you are currently displaying. Currently the app supports Password Rules, and Stored Values. Further types will be added in the future.

          There is a button on the right-hand side of the query box that toggles the visibility of a type selector box that can be used to switch between the different listing types. If you switch when there is a value typed into the query box, that value will be remembered when you switch back to the mode it was for.

          Password Rules List

          The main page is pretty empty by default, showing only the Query text box. As you type in the box, it will show any saved password rules whose identifiers match the text you are typing. You can click/tap a displayed rule to have the password generated and copied to the clipboard; a dialog will appear with any notes or associated data for the account the password is for. You can right-click/long-press on a list item to bring up a context menu that has options to edit the rule, or clone it (creating a new rule with the same sources and options, but a different rule identifier).

          Assuming the list of items matching your text entry isn't narrowed down to excactly one item, it will also give options to add a new rule with the text used as its identifier, or use the text as the identifier for an implicit password rule that will be generated immediately as if you'd clicked its (imaginary) rule item.

          Stored Values List

          Stored values are kept in a much more basic storage system, which has two subtypes supported on every modern web browser platform. The first one automatically deletes all values stored in it when the browser tab (or app window) is closed. The second one is persistent storage that is only generally removed when the user requests it to be. Passy supports both variants, and the list will show the identifier name key of any currently set values. A built-in key named 'classic-default' is used by the implicit rules automatically created using the original (Passy version 5 and earlier) algorithm.

          Due to the nature of the stored values, the only purpose of this list is to make it simple to remove/clear any stored values of your choice. The most common reason being that you accidently mistyped a secret passphrase and need to change it.

          Keyboard Shortcuts

          If you are using a keyboard with control keys, there are a few shortcuts when typing in the Query text box, designed to make keyboard use more convenient. These only work if the query box is actively focused.

          Enter key

          The Enter key is special in that what it does depends on the current search query, the number of search results, and the current listing document type. If there is no search query, regardless of anything else, Enter does nothing at all.

          If there is exactly ONE search result, then pressing Enter will act as though you had clicked the listing item being displayed. That logic is the same regardless of the listing document type.

          If there are multiple results, BUT one of them is an exact match for the search query (imagine rules named 'test' and 'test2') then it will still act as though you'd clicked the listing item for the exact match. This is also the same regardless of the listing document type.

          If there are ANY other number of search results on the Password Rules list (including NONE), pressing Enter will act as though you clicked on one of the action buttons. Which action is able to be configured using the app Settings tab; by default it will use the first button (Use as implicit password rule).

          If there are ANY other number of search results on the Storage Values list (including NONE), pressing Enter won't do anything at all. This is because there are no context-specific action buttons. You can expand the Advanced options panel to clear all Storage Values in either data vault.

          Escape (Esc) key

          Pressing the Esc key will clear all text in the Query input box. If there is no text in the Query box, it does nothing at all.

          Up and Down Arrow keys

          Pressing the Down Arrow key will switch to the next listing type, while the Up Key will switch to the previous type. If you're on the last type in the selector and press Down, it will jump to the first. If you're on the first type and press Up, it will jump to the last. You don't have to have the type selector visible to use this feature!

          Implicit Password Rules

          Implicit password rules simply take the exact query that you have typed, and create a quick rule using a specific pre-defined template. The default is the type of rule used in previous versions of Passy (where implicit rules were more common than stored ones).

          Implicit rules are not saved to the internal database by default. They're created dynamically when requested and unless you explicitly press the Edit button and then Save the rule, they won't appear in the saved rule list the next time you load the app (nor will they be synced or exported).

          Adding & Editing Rules

          I need to write a guide on this, as the editor has a LOT of features. I will get to it eventually, in the meantime hopefully everything is fairly self-explanatory. If you know me personally, you can also just ask me.

          Syncing Data

          The Sync pane has various options for syncing, importing, or exporting your password generation rules. In the future it will also support crypto keys that you can use for various encryption and digital signature purposes.

          Exporting to a file

          You can export your data as a downloaded file in Passy DataVault or JSON format.

          Importing from a file

          You can import data by uploading a data file previously exported from Passy.

          Log-in (to Sync Service)

          Clicking the Log-in button will bring up a dialog asking for your username, password, and a name to give this instances of the app. If you use the app on multiple devices (or even multiple browsers on the same device), each copy is considered a separate instance and needs to have its own login. An interface to manage instances/sessions will be added in the near future.

          Note that as mentioned on the login page, there is no public registration available for the Sync Service, so only people I know personally will have accounts created there. I don't see that changing any time soon.

          Sync Data (with service)

          Only shown if you are logged into the Sync Service, the big green Sync button performs a two-way sync operation. In general terms what it does is:

          1. Gets all docs from the service that have changed since you synced last.
          2. Sends all local docs that have changed since you synced last.
          3. In the case of a conflict, local docs take priority.

          The Sync operation is the primary way to use the service, and recommended for almost all use cases.

          Send All (to service)

          The Send All button sends ALL local rules to the service, regardless of when they were updated last. No conflict checks are done; any existing rules with the same ids will simply be overwritten.

          Load All (from service)

          The Load All button gets ALL rules from the service, regardless of when they were updated last. No conflict checks are done; any existing rules with the same ids will simply be overwritten.

          Log-out (from service)

          The Log-out button will remove the instance session from the service, as well as any API tokens saved in the local app settings.

          Logging out is not really necessary. The service is only ever communicated with if you go to the Sync pane and press one of the Sync/Load/Send buttons. It's not running in the background or connecting automatically. Even if I eventually do add an auto-sync feature, it will be optional and will have to be enabled before it will be used.

          Settings

          I don't have much to say about the settings pane as there's not many settings in the current version. This section may eventually have more in it if I add any settings that require more documentation.