npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

clavem-cli

v1.0.0

Published

Password Based Dedicated Key Derivation

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

easymoveasymov

Keywords

Readme

Unlike most other password management applications, Clavem doesn't store anything. There is no place where your main password or your generated passwords are saved. Instead, the exact same password is generated every time you enter the same input.

Clavem use SHA-512 as cryptographic hash and 1,000,000 PBKDF2 iterations as derivation algorithm. This is made to ensure that it's very costly (or almost impossible) to guess your original password from a derived one.

Your username and the website are hashed, then merged, then hashed, to create a salt unique for every user/website pair.

Clavem is made to allow you to provide a different password to each service you use, without the burden of having many different passwords to remember.

When you provide a password to a website, nothing but ethic prevents its administrators from stealing it and so having access to all of your accounts if your password is shared among other websites. Even if administrators are nice enough to not use your password against your will, it can be stored in plain text and stole by hackers. And even if your password is securely stored by the website, we believe their hash method is not as secure as the one provided by Clavem since it's probably too costly for any webservice.

We think that if your memory is not extraordinary, you don't have much alternatives :

  • remember one strong password and use it everywhere
  • remember many weak password and use them at different places
  • write down all passwords and travel with your physical password record
  • remember one strong password and derive unique passwords mentally (cheaply) for every website (by adding the website name as a suffix to your strong password for example)
  • trust a third party service to store your passwords

Clavem is better since you just remember one (hopefully) strong password, shared with no one, and securely derive a new password for each of your accounts. And still nothing is stored by Clavem !

It doesn't prevent you from following common security advices such as :

  • create a secure (long and random) password (use diceware for example)
  • change your password as often as possible
  • keep your passwords secret (don't pin it on a wall)

Don't trust us ! Fork this project on gitlab.com and host your own Clavem.