HashFlog is a file-based credential vault designed to securely store user credentials. It uses SHA-256 for email IDs and bcrypt for password hashing. Each record is Fernet-encrypted, ensuring that sensitive data remains protected. The design includes an append-only log and a small index for O(1) look-ups, making it lightweight and efficient. This solution requires no database and operates with just two files, making it ideal for secure prototypes, IoT applications, and web apps.
- Secure Storage: Store email IDs using SHA-256 and passwords with bcrypt.
- Fernet Encryption: Each record is encrypted for added security.
- Efficient Access: An append-only log allows for quick retrieval.
- No Database Required: Works with just two files.
- Scalable: Designed to handle millions of users.
- Ideal for Prototypes: Perfect for IoT and web applications.
To get started with HashFlog, download the latest release from our Releases page. After downloading, follow these steps:
-
Extract the files.
-
Navigate to the directory in your terminal.
-
Run the installation script:
python setup.py install
Using HashFlog is straightforward. Here’s how you can store and retrieve credentials.
To store credentials, use the following command:
python hashflog.py store --email [email protected] --password your_passwordTo retrieve stored credentials, use:
python hashflog.py retrieve --email [email protected]--email: Specify the email ID.--password: Provide the password for storage.
HashFlog employs a simple yet effective architecture. Here’s a breakdown:
-
Credential Storage:
- Email IDs are hashed using SHA-256.
- Passwords are hashed with bcrypt, which adds a salt for security.
-
Encryption:
- Each record is encrypted using Fernet, ensuring that even if files are accessed, the data remains unreadable.
-
Log Structure:
- An append-only log records each entry, allowing for easy tracking of changes.
- A tiny index is maintained for O(1) look-ups, ensuring that retrieval is quick and efficient.
-
File Management:
- All data is stored in two files, making the system lightweight and easy to manage.
HashFlog covers a range of topics relevant to secure credential storage:
- append-only-log: A method for maintaining a record of changes.
- bcrypt: A password hashing function designed for secure storage.
- credential-store: A system for securely storing user credentials.
- encryption-decryption: Processes for securing and accessing data.
- fernet: A symmetric encryption method for secure data storage.
- file-based-database: A lightweight alternative to traditional databases.
- lightweight-auth: Simple authentication mechanisms for applications.
- password-hashing: Techniques for securely storing passwords.
- python: The programming language used for implementation.
- sha256: A cryptographic hash function used for securing email IDs.
We welcome contributions to HashFlog! If you’d like to help, please follow these steps:
- Fork the repository.
- Create a new branch for your feature or fix.
- Make your changes.
- Submit a pull request.
HashFlog is licensed under the MIT License. See the LICENSE file for details.
If you encounter any issues or have questions, please check the Releases page for updates and documentation. You can also open an issue in the repository for support.
HashFlog aims to provide a simple yet effective solution for credential management. Whether you're developing a prototype or building a secure application, HashFlog offers the tools you need to keep user data safe.