|Google Play:||Check if it's there|
The Enigmatic Mouse is a small password manager, the purpose is to be as small as possible while still providing a bearable user experience. By being small The Mouse is auditable by our user base. No need to trust a third party with the keys to the kingdom, you can fork the repository and add new features or even disable existing ones! For maximum security we recommend that you build and side-load the application yourself. This ensures that a rogue version published to the Play store won’t steal all your passwords.
The master password is combined with a key derivation function (Scrypt) to generate an AES key of 256 bits. Another key is then created within the Trusty TEE (HSM) and used to encrypt the AES key. The key stored in TEE is protected by your fingerprint and never leaves the HSM. We store the encrypted key, the salt used with the master password and the initialization vector used as shared preferences. This information is not a cryptographic secret. When the user authenticates with their fingerprint, we use the AES key stored in the HSM to decrypt the key derived from the master password. When the master key is recovered, we initialize the Realm encrypted database with it.