KumaSafe

KumaSafe - a simple way to securely manage passwords between team members. KumaSafe is a web based program that is perfect for small or large teams that need to share passwords, and even suitable for the loner who wishes to organize many different passwords in one place.

KumaSafe allows the administrator to define user groups and create unlimited users in those groups. Access to passwords can be restricted by user group, or individual. This makes for an excellent way to share passwords across departments, or teams, without sacrificing privacy. Additionally, some users can be given access to only use passwords (without even seeing the password itself), while others are allowed to use or manage them.

KumaSafe is an excellent tool for professionals that manage many hosting accounts (especially cPanel or WHM) and do not want to save passwords in FireFox, or have to constantly look for the password in a spreadsheet or email.

And what about security? Well KumaSafe is extremely secure - using top-notch TWOFISH encryption, randomized initialization vectors, multi-level sha and md5 hashing, and different encryption keys for every password - it just doesn’t get much safer than that.

I’m giving away KumaSafe version 1.0. It is freely available for download here - and completely open source so you techies can see its guts. Not only that, but I’m also giving a generous license to use and modify at your hearts content - HOWEVER, commercial redistribution in whole or in part is strictly prohibited.

Download KumaSafe Now - v1.0!

Installation is as simple as 1,2,3…

  1. Unzip the file and edit the config.php file
  2. FTP the files to your webserver
  3. run the install script www.YOURDOMAIN.com/kumasafe/install/do and viola!

*more detailed installation instructions are available inside the download file, requirements are simply PHP 5.1 or greater, Apache, and MySQL

Also, I’ve got a demo site up and running if you prefer to poke around before installing.

username: demo
password: demo1
sso key: demo1

And if that isn’t enough - here is a crazy little video I made to demonstrate how the system works including showing the database getting updated, SSOs (simple 1-Click sign-ons) in action, and general navigation. Unfortunately, I didn’t edit this video, and I didn’t get around to adding the sound - so it may be long and rather boring :)

All in all, this project has been a ton of fun to develop. It really pushed the envelope on encryption, especially in the concept of shared private encryption - where users can share passwords without ever knowing each other’s encryption keys.

This project is also built on top of an MVC framework that I’ve developed and maintained since 2006. The MVC project (named “Base MVC”) stemmed from my year long journey with Ruby on Rails, and was created out of my desire to see a very lite PHP 5 framework that was similar yet incorporated my own ideas (this was pre-Zend Framework although I’ve used it, and I did explore CakePHP and Code Igniter during my own framework’s development).

*KumaSafe is tested for use in FireFox
*Kuma = “Bear” in Japanese ;)
*Free version design by www.styleshout.com