PASTILDA

Opensource hardware

password manager

Pastilda

It provides easy and safe auto-login to bank accounts, mailboxes, corporate network or social media.

It is an open-source hardware designed to manage the credentials in handy and secure way.

So if you also have to daily remember and enter a number of strong passwords — assign it to Pastilda.

Hello, my name is Ivan. I lead Third Pin LLC — a team of enthusiasts, keen on developing special electronics and software. We are often glad when there is an opportunity to explore a new realm in the course of the daily routine.

Recently we again encountered a well known but very entertaining data security issue.

The issue is how to ensure the sufficient complexity of sensitive passwords with the least disturbance to the user's workflow.

We ​had summarized significant number of ideas, opinions, expirience and expectations about this, and conducted a series of tests for proof of concept.

Now we have a neat solution. Let me share with you some details about one of our favorite in-house projects — Pastilda.

Ivan Larionov

CEO 

Concept

HARDWARE ENCRYPTION

Pastilda never reveals master key to the host. Decrypted data stays onboard, unreachable for malware. 

How does it work?

Pastilda has two USB slots: one to connect keyboard, one to connect it to your PC. So, your OS recognizes Pastilda as composite device: a keyboard and a flash drive. And your real keyboard now is visible just for Pastilda, your PC doesn't see it at all.

 

On flash drive you should store KeePass 2.x portable app and encrypted KeePass database (.kdbx file).

In a regular mode, everyting you type on you keyboard translates through Pastilda to your PC.

If you need to sign in, you need to switch to "Pastilda mode". To do that you have to set your mouse cursor inside a login textbox and then type combination Ctrl + ~. After that, Pastilda will ask you to enter password from your KeePass database. 

If password is correct Pastilda decrypts your database and you can start to navigate trough it with arrows left, right, up and down. As soon as you find login you looking for, you should type Enter and after that, Pastilda automaticly substituted the corresponding password in password textbox and enters you account.

If password is incorrect Pastilda will offer you to enter password again. So, you can either continue to enter password or go back to regular mode by pressing Esc key on your keyboard.

Modes

While in regular mode Pastilda transponds all keystrokes with no changes

In "Pastilda mode" your keystrokes are never sent nowhere except Pastilda. Host recieves only used credentials and names of fields in database. So your master password and whole database always in safe.

Publications

July 13, 2016

There are quite a lot of articles and discussions dedicated to a difficult question of safe password keeping, this topic is interesting and seems to keep being actual for a long time. We assumed that the most convenient solution would be a simple and cheap device which would allow hardware keeping and entering logins and passwords without installing any software. 
 

Please reload

Team
Ioan Larionov

Ioan Larionov

CEO

Ilya Stolyarov

Ilya Stolyarov

Embedded software developer

Pavel Larionov

Pavel Larionov

Team lead

Dmitry Shishov

Dmitry Shishov

Circuit design engineer

Elena Larionova

Elena Larionova

Accountant

Pavel Vorobyov

Pavel Vorobyov

Engineer

Dmitry Lisin

Dmitry Lisin

Embedded software developer

Anastasiya Lazareva

Anastasiya Lazareva

Embedded software developer

Configuration options

Cost efficient configuration.

Basic fully functional Pastilda for use with external keyboards. 

DESKTOP

Improved mobility configuration. Includes Pastilda Desktop and special USB scroller plug for use without external keyboard if needed.

LAPTOP

Most flexibile configuration. Staffed with the scroller and set of plugs and cords for use with most of mobile devices.

MOBILE

Free samples for data security experts and opinion leaders. We are looking for clear feedback.

BETA

Order your own Pastilda here: