sphinx: a password Store that Perfectly Hides from Itself (No Xaggeration)
SPHINX is a cryptographic password storage as described in https://eprint.iacr.org/2015/1099.
You can also watch a video about SPHINX by the 2018 Levchin Prize winner Hugo Krawczyk on the Real World Crypto conference 2017.
Want more details? go to sphinx.pm
The nice thing is, you don't have to trust me with this protocol. This server could be operated by criminals, politicians or your adversarial intelligence service. And yet it would be totally ok.
2025-03-11 Due to an backwards-incompatible upgrade to v2.0 of the server we moved the v1.0 server to port 2443. If you need to access your passwords in this older version please update your sphinx configuration to point to the new port. The new version of our server is running at the usual 443 port. To use this you need at least v2.0.0 of pwdsphinx.
2021-06-29 Due to an backwards-incompatible upgrade to v1.0-rc1 of the server we moved the pre-v1.0 server to port 8443. If you need to access your passwords in this older version please update your sphinx configuration to point to the new port. The new version of our server is running at the usual 443 port. To use this you need at least v1.0-rc5 of pwdsphinx.
For the most reliable and secure experience use pwdsphinx from the command-line. pwdsphinx is needed anyway also for all the other frontends - except androsphinx.
For chrom* derivates and firefox derivates get the plugin from v2.0 releases and follow the instructions for chrom* and firefox.
For android grab androsphinx v0.5.2 on your phone.
contributions welcome
Note the following packages need to be built by yourself, we'll publish binary packages soon™
For windows just get the installer and you need to install the webextension in your web-browser following these instructions.
Apple products are not supported (only on the cmd line, via the python-based pwdsphinx), but anyone is welcome implement a client for them - it's not that difficult.
Put this into your ~/.sphinxrc
[client]
timeout = 3
rwd_keys = True
[servers]
[servers.pwdctrlc]
# use the tor hidden service
#host = "dnbarwg4uxdfjemfc6jw2dfplixqwt67fpergmurfi2cmo7tz44jckqd.onion"
host="pwd.ctrlc.hu"
port=443
ltsigkey = "QjMKdyG6XCdgonn0xrvzKEXLOej/sVAtgfDayZBYVP0="
[servers.pwd2ctrlc]
# use the tor hidden service
#host = "ovww77nbtw3pr3kcslsaaner65wbeq62lhs6mzng42oloi7vvr5cwayd.onion"
host="pwd2.ctrlc.hu"
port=443
ltsigkey = "sJs724fgJ8ax98gTI3IihtFmzkz8lls41+GcDMHCQpk="
[websphinx]
pinentry=/usr/bin/pinentry-gtk-2