The official Android client for app.keyspace.cloud. A beautiful and secure password manager where you hold the keys.
Create and store passwords, two-factor authentication codes, backup codes and more.
Secure notes with rich previews and markdown support
Access your credit and debit cards with ease
Swipe up and scan a QR code to instantly log into your desktop
All of this is backed up and encrypted with a 12 word recovery phrase.
Keyspace uses end-to-end encryption to secure all user data (Logins, Notes, Cards etc.) with keys derived from a 12 word mnemonic seed phrase.
Read more: Bitwarden Security White Paper (page 9)
Most password managers transmit a hash of users master password for authentication purposes. Keyspace uses a challenge-response based authentication scheme to eliminate users master password hashes being stored on the backend. The client simply signs cryptographic challenge and sends it to the backend. Password hashes never cross the wire.
Most cloud based password managers derive a master key that encrypts other keys which are 'wrapped' or 'protected' which is then stored on their servers. Keyspace derives all keys deterministically on your device from the 12 word mnemonic seed phrase eliminating the need for 'wrapped' keys.
Read more: Bitwarden Icon Privacy
Your privacy matters. No third party analytics or crashlytics libraries were used in the making of Keyspace. No network calls are made to external endpoints to fetch item icons.
XChaCha20-Poly1305 with 192bit nonce instead of AES256 GCM or CBC and ED25519 over RSA for signatures.
Your encryption key is stored on a separate hardware security module (HSM) inside your phone which has its own CPU, storage and RNG, safeguarded against key extraction. Keys are only accessible upon successful device authentication.
Instantly sign out and delete all on-device Keyspace data by tapping the quick settings tile. Useful if the country you're in has a poor human rights record or if your device is confiscated without your consent.
On a flight? No problem. Keyspace can do everything offline and sync once you're online.
Keyspace is written in Kotlin. Keyspace is designed to be fast and lightweight in size <20MB.
Note: Strongbox-backing depends on availability of device-specific hardware. Keyspace will use other secure methods in case your device has no Strongbox.
- Owais Shaikh - Android App
- Nimish Karmali - Cryptography, Architecture and Infrastructure
- Rohan Chaturvedi - Backend API, Browser and Desktop Apps
Copyright © 2022-2023 Keyspace
This project is licensed under the GNU GPLv3 License