Hello LET,
Host Login is a project that I have been working on for last week.
I hate having to search through my emails every time I have to login in to my server's vps panel. And specially when I am working on client's websites, I hate searching through emails to find the right login info.
So while I had some free time, I came up with my own tiny CRUD app to store them in one place. I showed it to some of my co-workers and they loved the idea, and wanted to use it as well. I thought about the number of people in LET that have multiple servers (and the lowend server addiction like I do) and thought you guys might get some use out of it as well, so i spent the last week converting my personal project to something that the public can use, and securing it.
I know some of you are going to argue that this cannot be safe and you don't want to store your passwords in some random server somewhere, and thats a perfectly valid argument, I wouldn't want to store my passwords anywhere either.
So to fix this issue, the application encrypts all passwords using the industry standard AES-256 encryption before submitting the data to our servers. The password will be encrypted using a passphrase that you will be able to set while creating your account, and you will need to use the passphrase to encode/decode your password every time. This means your passwords will never be sent to the server without being encrypted, and only you will be able to decrypt those using your passphrase. So technically, even if someone gets access to the database, they will not be able to access your passwords. You can verify that no data goes to the server unencrypted by examining the post data using something like firebug.
The passphrase will not be sent or saved on the servers either. A sha3 512 hash of the passphrase thats created on the client side (your browser) will be send and stored on the server (to make sure you use the same passphrase everywhere so that everything can be decrypted using one passphrase), and when the user is trying to encrypt something, the passphrase's hash will be checked against the one in server on the client side. sha3's are irreversible, so this means anyone who doesnt know your passphrase (including me who has access to server) wont be able to view any of the confidential information. Again, you can verify this by checking the post data submitted to servers.
Host Login supports adding a lot of server data like login information, links, specs and a lot more. You can hover over any data and it will automatically be selected so you can copy it easily.
The instant search box will let you filter your servers by anything, for example if you want to only see servers that are in Texas, just type in texas and it will automatically filter out all servers that do not have texas somewhere in them instantly.
I am working on implementing one click logins to whmcs and cpanel , and if technically possible other panels.
Here are screenshots (all servers can be expanded or collapsed):
It is free and is always going to be free. Feel free to suggest new features or report any bugs here or to hostlogin@nex.im
I would love your feedback on this. Thank you for checking.
Url: https://hostlog.in/
Edit: sorry had to delete that poll the first time because lowendtalk.com doesnt let me edit the page when there is a poll