Cockatoo
Generate unique passwords from a single master password securely and locally
About Cockatoo
Cockatoo transforms your master password into site-specific passwords using cryptographic hashing. It works offline, never stores data, and auto-fills passwords in your browser. Optional secret gestures help remember more with less effort. Open-source and privacy-focused, supporting multiple platforms and browsers.
FAQ
Cockatoo turns your single master-password or secret gesture(s) into a particular password for any website using additional information like the site name and, optionally, a hash salt, and a cryptographic hash function.
No, Cockatoo does not keep information locally or send it anywhere. Everything works autonomously on your device. There is an option to save the master-password in the browser's local storage or cookies, but it is not recommended for security reasons.
Cockatoo is designed to be cloud-free, vault-free, uses industry-accepted hash functions, is pure open-source, supports a wide range of platforms and browsers, offers simple password modifiers, and allows secret gestures besides passwords.
Yes, Cockatoo is fully open-source, meaning the code is transparent and can be inspected thoroughly by anyone.
Cockatoo may require an updated browser due to the use of modern web techniques.
The software is based on Colin Percival's scrypt and uses its JavaScript implementation js-scrypt by Tony Garnock-Jones, licensed under the 2-clause BSD license.
Alternatives to consider
Community ratings & full list
Categories
Claim this tool
Are you the founder? Claim your profile to update details and track views.
Claim tool