smartpasslib v2.1.1

Full Changelog: v2.1.0...v2.1.1

smartpasslib v2.1.0

smartpasslib (Smart Passwords Library) ^v2.1.0

Smart Passwords Library: Cryptographic password generation and management without storage. Generate passwords from secrets, verify knowledge without exposure, manage metadata securely.

---

🔐 Core Principles:

• 🔐 Zero-Storage Security: No passwords or secret phrases are ever stored or transmitted
• 🔑 Deterministic Generation: Identical secret + parameters = identical password (SHA3-512 based)
• 📝 Metadata Only: Store only verification metadata (public keys, descriptions, lengths)
• 🔄 On-Demand Regeneration: Passwords are recalculated when needed, never retrieved from storage

What You Can Do:

1. Smart Passwords: Generate deterministic passwords from secret phrases
2. Strong Random Passwords: Cryptographically secure passwords with character diversity
3. Authentication Codes: Generate secure 2FA/MFA codes with guaranteed character sets
4. Base Passwords: Simple random passwords for general use
5. Key Generation: Create public/private verification keys from secrets
6. Secret Verification: Prove knowledge of secrets without revealing them (public key verification)
7. Metadata Management: Store and update password metadata (descriptions, lengths) without storing passwords
8. Deterministic & Non-Deterministic: Both reproducible and random password generation options

Key Features:

• ✅ No Password Database: Eliminates the need for password storage
• ✅ No Secret Storage: Secret phrases never leave your control
• ✅ Public Key Verification: Verify secrets without exposing them
• ✅ Multiple Generator Types: Smart, strong, base, and code generators
• ✅ Metadata Updates: Modify descriptions and lengths without affecting cryptographic integrity
• ✅ Full Test Coverage: 100% tested for reliability and security
• ✅ Cross-Platform: Works anywhere Python runs

Security Model:

• Proof of Knowledge: Verify you know a secret without storing or transmitting it
• Deterministic Security: Same input = same output, always reproducible
• Metadata Separation: Non-sensitive data (descriptions) stored separately from verification data (public keys)
• No Recovery Backdoors: Lost secret = permanently lost passwords (by design)

---

🆕 What's New in v2.1.0

⚠️ CRITICAL WARNING: Upgrading to v2.1.0 will break all existing password generation. All passwords generated with v1.x will become invalid, and public keys will no longer verify.

Major Changes:

API Simplification:

• Removed login parameter from all methods - now uses only secret phrase
• Simplified SmartKeyGenerator to work with single secret parameter
• Removed SmartPasswordMaster.generate_default_smart_password() method

Data Model Updates:

• SmartPassword class updated: login → description, key → public_key
• All deprecated methods removed
• Removed deprecated file_path property from SmartPasswordManager

New Features:

• Added SmartPassword.update() method to modify description and length
• Added SmartPasswordManager.update_smart_password() method for stored passwords

Security Improvements:

• Simplified key derivation algorithm in SmartKeyGenerator
• Cleaner seed management in SmartPasswordGenerator
• Removed complex hash mixing from v1.x

Testing & Quality:

• 100% test coverage achieved
• Comprehensive exception testing added
• Improved test fixtures and data management

Breaking Changes:

Method Signature Changes:

# v1.x → v2.1.0
SmartPasswordMaster.generate_smart_password(login, secret, length)
SmartPasswordMaster.generate_smart_password(secret, length)

SmartPasswordMaster.generate_public_key(login, secret)
SmartPasswordMaster.generate_public_key(secret)

SmartPasswordMaster.check_public_key(login, secret, public_key)
SmartPasswordMaster.check_public_key(secret, public_key)

Class Structure Changes:

# v1.x → v2.1.0
SmartPassword(login, key, length)
SmartPassword(public_key, description, length)

SmartKeyGenerator._create_key(login, secret, steps)
SmartKeyGenerator._create_key(secret, steps)

Removed Methods:

• SmartPasswordManager.add() → use add_smart_password()
• SmartPasswordManager.get_password() → use get_smart_password()
• SmartPasswordManager.remove() → use delete_smart_password()
• SmartPasswordManager.load_file() → internal _load_data()
• SmartPasswordManager.save_file() → internal _write_data()
• SmartPasswordManager.file_path → use filename
• SmartPasswordMaster.generate_default_smart_password()

Migration Guide:

Password Generation:

# v1.x
password = SmartPasswordMaster.generate_smart_password(
    login="service", 
    secret="mysecret", 
    length=12
)

# v2.1.0
password = SmartPasswordMaster.generate_smart_password(
    secret="mysecret", 
    length=12
)

SmartPassword Creation:

# v1.x
sp = SmartPassword(
    login="GitHub", 
    key=public_key, 
    length=16
)

# v2.1.0
sp = SmartPassword(
    public_key=public_key,
    description="GitHub", 
    length=16
)

Manager Operations:

# v1.x (deprecated methods)
manager.add(password)
manager.get_password("login")

# v2.1.0
manager.add_smart_password(sp)
manager.get_smart_password(public_key)

Metadata Updates (New):

# Update existing smart password metadata
manager.update_smart_password(
    public_key=stored_key,
    description="Updated Service Name",
    length=20
)

# Or update SmartPassword object directly
password_metadata.update(
    description="New Description",
    length=24
)

Key Improvements:

1. Simplified API - Single secret parameter instead of login + secret
2. Cleaner Code - Removed all deprecated methods and legacy code
3. Better Security - Streamlined cryptographic operations
4. Full Test Coverage - 100% test coverage ensures reliability
5. Clearer Naming - public_key accurately represents verification key
6. Metadata Updates - New update() methods for description and length

Note: v2.1.0 is not backward compatible with v1.x. Update your code according to the migration guide.

---

Note: This is v2.1.0. If migrating from v1.x, all passwords must be regenerated.

Full Changelog: v2.0.0...v2.1.0

Smart Passwords Library (smartpasslib) v2.0.0

Smart Passwords Library (smartpasslib) v2.0.0

🔄 What's New in v2.0.0

⚠️ CRITICAL WARNING!: Upgrading to v2.0.0 will break all existing password generation. All passwords generated with v1.x will become invalid, and public keys will no longer verify. This is not a compatible upgrade - it completely changes the cryptographic foundation.

Major Changes:

API Simplification:

• Removed login parameter from all methods - now uses only secret phrase
• Simplified SmartKeyGenerator to work with single secret parameter
• Removed SmartPasswordMaster.generate_default_smart_password() method

Data Model Updates:

• SmartPassword class updated: login → description, key → public_key
• All deprecated methods removed (not just marked as deprecated)
• Removed deprecated file_path property from SmartPasswordManager

Security Improvements:

• Simplified key derivation algorithm in SmartKeyGenerator
• Cleaner seed management in SmartPasswordGenerator
• Removed complex hash mixing from v1.x

Testing & Quality:

• 100% test coverage achieved
• Comprehensive exception testing added
• Improved test fixtures and data management

Breaking Changes:

Method Signature Changes:

# v1.x → v2.0
SmartPasswordMaster.generate_smart_password(login, secret, length)
SmartPasswordMaster.generate_smart_password(secret, length)

SmartPasswordMaster.generate_public_key(login, secret)
SmartPasswordMaster.generate_public_key(secret)

SmartPasswordMaster.check_public_key(login, secret, public_key)
SmartPasswordMaster.check_public_key(secret, public_key)

Class Structure Changes:

# v1.x → v2.0
SmartPassword(login, key, length)
SmartPassword(public_key, description, length)

SmartKeyGenerator._create_key(login, secret, steps)
SmartKeyGenerator._create_key(secret, steps)

Removed Methods:

• SmartPasswordManager.add() → use add_smart_password()
• SmartPasswordManager.get_password() → use get_smart_password()
• SmartPasswordManager.remove() → use delete_smart_password()
• SmartPasswordManager.load_file() → internal _load_data()
• SmartPasswordManager.save_file() → internal _write_data()
• SmartPasswordManager.file_path → use filename
• SmartPasswordMaster.generate_default_smart_password()

Migration Guide:

Password Generation:

# v1.x
password = SmartPasswordMaster.generate_smart_password(
    login="service", 
    secret="mysecret", 
    length=12
)

# v2.0
password = SmartPasswordMaster.generate_smart_password(
    secret="mysecret", 
    length=12
)

SmartPassword Creation:

# v1.x
sp = SmartPassword(
    login="GitHub", 
    key=public_key, 
    length=16
)

# v2.0
sp = SmartPassword(
    public_key=public_key,
    description="GitHub", 
    length=16
)

Manager Operations:

# v1.x (deprecated methods)
manager.add(password)
manager.get_password("login")

# v2.0
manager.add_smart_password(sp)
manager.get_smart_password(public_key)

Key Improvements:

1. Simplified API - Single secret parameter instead of login + secret
2. Cleaner Code - Removed all deprecated methods and legacy code
3. Better Security - Streamlined cryptographic operations
4. Full Test Coverage - 100% test coverage ensures reliability
5. Clearer Naming - public_key accurately represents verification key

Note: v2.0.0 is not backward compatible with v1.x. Update your code according to the migration guide.

Full Changelog: 1.2.1...v2.0.0

Smart Password Library v1.2.1

Full Changelog: v1.2.0...v1.2.1

What's Changed

• feat/refactor: Code refactoring. New methods added. Some methods marked as deprecated. by @smartlegionlab in #2
• Global code refactoring issue #4. Add tests (issue #3) by @smartlegionlab in #5

New Contributors

• @smartlegionlab made their first contribution in #2

Full Changelog: https://github.com/smartlegionlab/smartpasslib/commits/1.2.1