Pastilda is an open-source hardware password manager, designed to manage your credentials in a handy and secure way.

Pastilda works as a middleman between your computer and keyboard. It provides easy and safe auto-login to your OS, bank accounts, mailboxes, corporate network or social media. Pastilda stores encrypted passwords in its memory. You can request a particular password at any time by pressing a special key combination on your keyboard.

Pastilda has two USB ports: one for your keyboard, one to connect to your PC. Your OS will recognize Pastilda as a USB keyboard and a USB flash drive.

The flash drive component stores the encrypted KeePass 2.x database (.kdbx file) and the KeePass 2.x portable app as needed. Your real keyboard is now visible only to Pastilda, your PC won’t see it at all.

In normal working mode, all keystrokes from your keyboard are passed through Pastilda to your PC unchanged.

When you need to sign into an account, you switch to "Pastilda mode". That’s done by placing your cursor inside the login text box and pressing the “Ctrl + ~” key combination. Pastilda will then ask you to enter the master password for your KeePass database, right in the current text box.

If the password is entered correctly, Pastilda will decrypt and display your database. You can navigate through it with left, right, up, and down arrows or you can just start to input the name of the entry in your database and Pastilda will display matching variants. Once you find the entry you’re looking for, press Enter and Pastilda will automatically enter the corresponding login and password.

If the password is incorrect, Pastilda gives you the option to try again or go back to regular mode by pressing the Esc key on your keyboard.

Who Needs It and Why?

Why use Pastilda if you use KeePass or another password manager app on all your devices? Because KeePass, like all solutions that are stored directly on your PC, has some security issues, as KeePass themselves admit:

"Neither KeePass nor any other password manager can magically run securely in a spyware-infected, insecure environment. Users still are responsible for the security of their PC."

But, Pastilda magically can!

Pastilda is for anyone who cares about personal and corporate information security. It’s also for developers and hobbyists who are interested in programming STM32 and USB. If you labor every day to remember and enter a number of strong passwords — give the job to Pastilda!

Features & Specifications

Security: open-source hardware and software - you can trust Pastilda never reveals the master key to the host decrypted data stays on board, unreachable by malware

Usability: summon Pastilda’s menu to any text field

Compatibility: simulates a common keyboard, so it works with most systems by default, requiring no drivers or client software. works with command line interfaces, BIOS, etc.

MCU: STM32F415

STM32F415 Connectivity: 2 x USB 2.0

2 x USB 2.0 Memory: microSD card slot up to 32 GB

microSD card slot up to 32 GB Dimensions: 20 mm x 60 mm x 12 mm

20 mm x 60 mm x 12 mm Weight: 50 g

Comparisons

The only similar project that we know of is Mooltipass. It’s in the production stage, but we believe Pastilda offers the best solution, as shown in the table below:

Pastilda Mooltipass Open-source Yes, hw & sw Yes, hw & sw The master password cannot be stolen Yes Yes Alternative convenient software for your database Yes No Works immediately on any computer Yes Yes Automatic LogIn Yes Yes Cost $50 USD $170 USD Data is stored securely while account is accessible Yes No (if you use their browser plugin*) Secure storage disk space Yes* No

Manufacturing Plan

2017-02-03 - Campaign start

2 weeks - PCBs Rev. 1 development

2 weeks - PCBs Rev. 1 manufacturing

2 months - Software Rev. 1 development

8 weeks - Manufacturing

1 week - Testing

Stay tuned, be happy, use strong passwords!

~