undefined | Better HN

0 pointsninkendo2mo ago0 comments

Ugh, you made me spend the 20 minutes it takes to spin up a new github account to share this (my existing one uses my real name and I don't really want to doxx myself that much. Not that it's a huge deal, my real identity and the "ninkendo" handle have been intertwined a lot in the past.)

https://github.com/ninkendo84/kenpass

I'm not saying it's perfect, there's some things I would've done differently in the code. It's also not even close to done/complete, but it has:

- A background agent that keeps the unsealed vault in-memory

- A CLI for basic CRUD

- Encryption for the on-disk layout that uses reasonably good standards (pbkdf2 with 600,000 iterations, etc)

- Sync with any server that supports webdav+etags+mTLS auth (I just take care of this out of band, I had the LLM whip up the nginx config though)

- A very basic firefox extension that will fill passwords (I only did 2 or 3 rounds of prompting for that one, I'm going to add more later)

Every commit that was vibe-coded contains the prompt I gave to Codex, so you can reproduce the entire development yourself if you want... A few of the prompts were actually constructed by ChatGPT 5.2. (It started out as a conversation with ChatGPT about what the sync protocol would look like for a password manager in a way that is conflict-free, and eventually I just said "ok give me a prompt I can give to codex to get a basic repo going" and then I just kept building from there.)

Also full disclosure, it had originally put all the code for each crate in a single lib.rs, so I had it split the crates into more modules for readability, before I published but after I made the initial comment in this thread.

I haven't decided if I want to take this all the way to something I actually use full time, yet. I just saw the 1password subscription increase and decided "wait what if I just vibe-coded my own?" (I also don't think it's even close to worthy of a "Show HN", because literally anybody could have done this.)

0 comments

FEELmyAGI2mo ago

Thank you for the time commitment based on an internet forum comment. I appreciate greatly the succinct human written README.

Did you investigate prior art before setting out on this endeavor? https://www.google.com/search?q=site%3Agithub.com+password+m...

I ask because engineers need to be clever and wise.

Clever means being capable of turning an idea into code, either by writing it or recently by having the vocabulary and eloquence to prompt an LLM.

Wisdom means knowing when and where to apply cleverness, and where not to. like being able to recognize existing sub-components.

ninkendoOP2mo ago

> Did you investigate prior art before setting out on this endeavor

Lol no, I had no idea there was any other password managers! Thanks for the google search link! I didn't know search engines existed either!

> Wisdom means knowing when and where to apply cleverness, and where not to. like being able to recognize existing sub-components.

It says literally in the README that part of this is an exercise in seeing what an LLM can do. I am in no way suggesting anyone use this (because there's a bazillion other password managers already) nor would I even have made this public if you hadn't baited me into doing it.

The fact that there's a literal sea of password managers out there is why I'm curious enough to think "maybe a one that I get to design myself, written to exactly my tastes and my tastes alone could be feasible", and that's what this exercise is about. It literally took me less time to vibe-code what I have right now, than to pour through the sea of options that already exist to decide which one I should try. And having it be mine at the end means that I can implement my pet features the way I want, without having to worry one bit about fighting with upstream maintainers. It's also just fun. I thoroughly enjoy the process of thinking about the design and iterating on it.

svilen_dobrev2mo ago

sooo ...

> it actually did a good job.

applies when there is a sea of "prior art" on the topic requested. And that request (prompt) is actually framed/worded properly to match that prior art.

Which may be perfect if the target is reduceable to prior-art. Re-use, Mix-and-match, from opensource or stackoverflow, into my-own-flavour-hot-water, finally!

No, this is not sarcasm. i hate to (catch myself a month later) reinventing hot-water. Let something else do it.

The question that stays with me is, How to keep the brain-bits needed for that inventing / making new stuff , alive and kicking.. because they will definitely deteriorate towards zero or even negative. Should we reinvent each 10th thing? just for the mental-gym-nastics?

FEELmyAGI2mo ago

If you didn't like me telling you about search engines you probably won't like me telling you how git clone works BUT...

For all intents and purposes, (in the context of diddling around with a password manager you might use yourself and wouldn't recommend to anyone), Any/all of those existing open source password managers can ALSO be yours just as much as the output from any LLM.

I'm serious, not only can you tweak them to "your tastes and your tastes alone", you don't have to even tell upstream maintainers what you're doing let alone get it merged.

ninkendoOP2mo ago

So if you’re just going to complain about me reinventing the wheel (even though I already explained this is literally an exercise to see what an LLM can do), can we at least recognize the goalpost shift here?

I’m just going to assume that you’ve completely conceded your original point then, since you have absolutely zero to say about whether you agree the LLM did good work or not. Since the moment I showed you its work, you immediately shifted to insulting my intelligence for bothering with a password manager in the first place.

I honestly don’t know why I bother feeding trolls like you when it’s clear your only goal here is to find fault.

1 more reply

slopinthebag2mo ago

How do you know it's secure?

j / k navigate · click thread line to collapse

0 comments

FEELmyAGI2mo ago

Thank you for the time commitment based on an internet forum comment. I appreciate greatly the succinct human written README.

Did you investigate prior art before setting out on this endeavor? https://www.google.com/search?q=site%3Agithub.com+password+m...

I ask because engineers need to be clever and wise.

Clever means being capable of turning an idea into code, either by writing it or recently by having the vocabulary and eloquence to prompt an LLM.

Wisdom means knowing when and where to apply cleverness, and where not to. like being able to recognize existing sub-components.

ninkendoOP2mo ago

> Did you investigate prior art before setting out on this endeavor

Lol no, I had no idea there was any other password managers! Thanks for the google search link! I didn't know search engines existed either!

> Wisdom means knowing when and where to apply cleverness, and where not to. like being able to recognize existing sub-components.

svilen_dobrev2mo ago

sooo ...

> it actually did a good job.

applies when there is a sea of "prior art" on the topic requested. And that request (prompt) is actually framed/worded properly to match that prior art.

Which may be perfect if the target is reduceable to prior-art. Re-use, Mix-and-match, from opensource or stackoverflow, into my-own-flavour-hot-water, finally!

No, this is not sarcasm. i hate to (catch myself a month later) reinventing hot-water. Let something else do it.

FEELmyAGI2mo ago

If you didn't like me telling you about search engines you probably won't like me telling you how git clone works BUT...

I'm serious, not only can you tweak them to "your tastes and your tastes alone", you don't have to even tell upstream maintainers what you're doing let alone get it merged.

ninkendoOP2mo ago

I honestly don’t know why I bother feeding trolls like you when it’s clear your only goal here is to find fault.

1 more reply

slopinthebag2mo ago

How do you know it's secure?

j / k navigate · click thread line to collapse