Developed by Sudhir Kumar (@SudhirDevOps1), KeyForge Pro is a world-class, 100% offline password management and generation ecosystem. Unlike traditional managers, it combines a Smart Formula Logic with Military-Grade AES-256-GCM Encryption to ensure your credentials are both memorable and mathematically unbreakable.
Important
Zero Data Leakage: This application runs entirely in your browser. No data ever touches a server. Your Master Key is never stored—only its SHA-256 hash exists locally for verification.
The core philosophy of KeyForge is that you shouldn't have to remember 100 random strings. Instead, you remember one Secret Base Word and apply the formula.
graph LR
A[Secret Base Word] --> B{KeyForge Engine}
C[Site Name] --> B
D[Special Symbol] --> B
E[Current Year] --> B
B --> F[Unique Strong Password]
| Input Component | Value | Resulting Password |
|---|---|---|
| Base Word | Kitab |
|
| Site | Instagram |
|
| Separator | - |
Kitab-Insta@2026 |
| Symbol | @ |
|
| Year | 2026 |
KeyForge Pro v3.0 utilizes the native Web Crypto API for high-performance, secure operations.
- Key Derivation: Uses PBKDF2 (Password-Based Key Derivation Function 2) with 100,000 iterations of SHA-256 to turn your Master Key into a 256-bit encryption key.
- Encryption: Uses AES-256-GCM (Galois/Counter Mode), providing both confidentiality and authenticity (AEAD).
- Unique IVs: Every export generates a fresh Initialization Vector (IV) and Salt, ensuring that even identical vaults result in different encrypted blobs.
async function encryptData(data, password) {
const salt = crypto.getRandomValues(new Uint8Array(16)); // Random Salt
const iv = crypto.getRandomValues(new Uint8Array(12)); // Unique IV for GCM
const key = await deriveKey(password, salt); // PBKDF2 Derivation
const enc = new TextEncoder();
const encrypted = await crypto.subtle.encrypt(
{ name:'AES-GCM', iv },
key,
enc.encode(JSON.stringify(data))
);
// Returns a secure, self-contained encrypted object
}- Formula Gen: Strategic passwords based on your secret base word.
- Passphrase Gen: Uses an EFF-inspired wordlist of 350+ words for human-readable security.
- Random Gen: Pure cryptographic randomness for maximum entropy.
- Auto-Lock: Vault automatically locks after 15 minutes of inactivity.
- Categories: Organize by Social, Finance, Dev, Gaming, etc.
- Strength Analyzer: Real-time entropy calculation and "Time-to-Crack" estimation.
- Encrypted JSON: Export your entire vault as an AES-256-GCM encrypted file.
- CSV Support: Standard format for legacy spreadsheet backups.
- Merge/Replace: Intelligently import data without losing current entries.
| Action | Shortcut |
|---|---|
| Lock Vault | Ctrl + L |
| Copy Last Password | Ctrl + Shift + C |
| Generate New Random | Ctrl + Shift + G |
| Open History | Ctrl + H |
| Switch Tabs | Alt + [1-6] |
| Close Modals | Esc |
Tip
This project is a "Single File Application"—everything is bundled in one HTML file for maximum portability.
- Frontend: Tailwind CSS v4.0
- Typography: Inter & JetBrains Mono (via Google Fonts)
- Icons: HeroIcons & Custom SVG
- Storage: Browser LocalStorage (Encrypted on Export)
- Security: Web Crypto API
- Persistence Challenge: Modify the code to support a "Local File System Access API" to auto-save the encrypted JSON to a local folder.
- Security Challenge: Implement a "Duress Password" that clears the LocalStorage if entered in the lock screen.
- UI Challenge: Add a "Dark/Light/Cyberpunk" theme switcher using Tailwind CSS variables.
Sudhir Kumar GitHub: @SudhirDevOps1
Version 3.0 — "The Encrypted Edition" Made with ❤️ for the Privacy Community