The Shatter Lock project introduces a robust password management solution designed to address the challenges of secure credential storage and retrieval. Leveraging AES-256 encryption, the application ensures high-level security for user data, while its intuitive Tkinter- and ttkbootstrap-based interface enhances usability. Key features include password generation, secure storage, and master password authentication, making it a reliable tool for individuals and organizations. The project successfully integrates modern encryption techniques with a user-friendly design, though limitations such as the lack of cloud synchronization and two-factor authentication present opportunities for future enhancements. Overall, Shatter Lock demonstrates the viability of open-source tools in creating secure and accessible password management systems.
Introduction
Shatter Lock is a secure, user-friendly password management application designed to protect user credentials using AES-256 encryption, one of the most robust encryption standards. It offers features like password generation, editing, deletion, and secure access via a master password or biometric authentication. By focusing on local storage rather than cloud solutions, Shatter Lock enhances privacy and reduces risks associated with online data storage.
Key Features:
AES-256 Encryption: Ensures top-level security for stored passwords.
Password Storage: Safely stores credentials for websites, apps, and accounts.
Password Generation: Creates strong, unique passwords to improve security.
Secure Access: Uses master password and biometric options for authentication.
Background and Literature:
Inspired by existing managers like Bitwarden and LastPass, Shatter Lock emphasizes local data storage to improve privacy and reduce reliance on cloud services. It builds upon proven encryption techniques such as AES-256 and PBKDF2 for key derivation, incorporating features like category-based filtering and a polished interface.
Proposed Methodology:
Uses PBKDF2 to derive secure keys from passwords, increasing resistance to brute-force attacks.
Develops a responsive and modern graphical interface using ttkbootstrap.
Supports flexible storage formats including JSON and SQLite.
System Architecture:
Checks whether a master password has been set up; if not, prompts the user to create one, which is hashed using PBKDF2-SHA256.
Validates login by comparing hashes to prevent unauthorized access.
Provides a secure and intuitive interface for managing passwords.
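The master-password setup and login check described above, together with the PBKDF2 key derivation from the Proposed Methodology, as an added example (not Shatter Lock's own code). The record layout, the function names, the iteration count and the use of a second salt for the vault key are assumptions made for illustration; only the Python standard library is used.

```python
import hashlib
import hmac
import json
import secrets
from typing import Optional

ITERATIONS = 600_000  # assumed work factor; the page does not state one
SALT_LEN = 16
KEY_LEN = 32          # 32 bytes, the key size AES-256 expects


def _pbkdf2(password: str, salt: bytes, iterations: int) -> bytes:
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=KEY_LEN
    )


def create_master_record(password: str, iterations: int = ITERATIONS) -> str:
    """First run: build the JSON record to store. The password itself is never stored."""
    verify_salt = secrets.token_bytes(SALT_LEN)
    record = {
        "kdf": "pbkdf2-sha256",
        "iterations": iterations,
        "verify_salt": verify_salt.hex(),
        # Independent salt: the verifier kept on disk must not equal the vault key.
        "key_salt": secrets.token_bytes(SALT_LEN).hex(),
        "verifier": _pbkdf2(password, verify_salt, iterations).hex(),
    }
    return json.dumps(record)


def unlock(password: str, stored: str) -> Optional[bytes]:
    """Login: return the 32-byte vault key, or None if the password is wrong."""
    record = json.loads(stored)
    if record.get("kdf") != "pbkdf2-sha256":
        return None
    iterations = int(record["iterations"])
    candidate = _pbkdf2(password, bytes.fromhex(record["verify_salt"]), iterations)
    # Constant-time comparison does not reveal how many leading bytes matched.
    if not hmac.compare_digest(candidate, bytes.fromhex(record["verifier"])):
        return None
    # The key is derived only after a successful check and is never written to disk.
    return _pbkdf2(password, bytes.fromhex(record["key_salt"]), iterations)
```

If the verifier and the encryption key shared one salt, the hash stored for login would be the AES key itself, so anyone who could read the file could decrypt the vault without knowing the master password.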
Modules and Functionalities:
User Authentication: Handles secure login/logout and session management.
User Interface: Offers accessible, responsive design for easy navigation.
Password Strength Validation: Ensures strong password creation with real-time feedback.
Security and Privacy: Manages encryption keys and compliance with data protection standards.
Password Management: Supports password creation, update, recovery, and organization.
Storage and Encryption: Encrypts passwords securely at rest and during transmission.
Results and User Experience:
The interface allows categorization of passwords (e.g., Social Media, Banking, Work), making management efficient.
Password entries include website, username, generated strong passwords, and descriptions, all stored securely in a local encrypted database.
The system balances usability with security, ensuring users can easily add, view (masked), and manage their credentials with confidence.
Conclusion
The Shatter Lock project successfully delivers a secure, user-friendly password manager that addresses the growing need for reliable credential storage and protection. By integrating AES-256 encryption, the application ensures that user data remains confidential and safe from unauthorized access. The project achieved its key objectives, including the development of a modern graphical user interface using Tkinter and ttkbootstrap, implementation of robust password generation and management features, and secure storage through JSON or SQLite databases.
Throughout the development process, careful attention was given to both security and usability, leading to a responsive and intuitive user experience. Extensive testing confirmed the application’s functionality, efficiency, and data integrity, while real-world feedback validated its practical utility.
Despite a few limitations—such as the absence of cloud synchronization, two-factor authentication, and automatic backup—the application lays a strong foundation for future enhancements. Overall, Shatter Lock proves to be an effective and scalable solution for password management, demonstrating solid implementation of encryption technologies and secure software development practices.