# Password Manager Lite Specifications

## Introduction - Project Overview

The project consists of developing a simple, secure, and fully functional password manager that allows users to generate, store, organize, and retrieve their passwords locally or online (depending on difficulty level). It emphasizes security best practices (hashing, encryption), ease of use, and portability while remaining suitable for educational projects. The goal is to provide a practical tool that teaches secure password habits without the complexity of commercial solutions like LastPass or Bitwarden.

## Target Audience

This application is targeted at:
- Students and developers learning about cryptography and secure storage.
- Individuals seeking a lightweight, transparent alternative to commercial password managers.
- Users who want full control over their data with optional offline-first usage.
- Teachers and clubs using it as a real-world security project example.

## Key Features

### Core Features (MVP - Easy Level)
These represent the minimum viable product – fully offline, no backend:
- Master password protection (key derived with PBKDF2 or Argon2; the master password itself is never stored).
- Add, edit, and delete password entries (site/app name, username/email, password, optional notes).
- Secure password generator (customizable length, character types).
- Simple list view with search/filter by site name.
- Copy password to clipboard with auto-clear after 30 seconds.
- All data encrypted client-side and saved in LocalStorage or as downloadable JSON.
- Clean, responsive, minimal interface.

### Additional Features

#### Medium Level
- All Easy features.
- Multiple vault templates (e.g., personal, work, family).
- Export encrypted vault as file (.json) + import.
- QR code generation for sharing individual entries securely.
- Password strength meter with visual feedback.
- Local data backup reminder system.
- Dark mode and improved UI/UX.
- Optional two-factor authentication (TOTP) support for entries.

#### Hard Level (Advanced)
- All features from Easy and Medium levels.
- Full user authentication system (register/login) with secure session management.
- Backend + real encrypted database (passwords never stored in plain text).
- Admin panel to manage users (for multi-user or family mode).
- Sync across devices via encrypted cloud storage (Firebase or custom).
- QR code scanning (webcam/mobile) to import entries.
- Customizable vault templates (colors, icons, categories).
- High-quality PDF export of vault summary (masked passwords).
- Breach check integration (via HaveIBeenPwned API – k-anonymity).
- Professional UI/UX with animations and mobile app feel.
- Optional AI-powered password health report (weak/reused detection).

## Deliverables
- Source code hosted on GitHub.
- 1-minute demo video showing vault creation, password generation, and secure export.
- PDF presentation explaining security choices (hashing, encryption, clipboard safety).
- Example encrypted vault file and recovery demonstration.

## Technical Specifications
- **Frontend**: HTML/CSS/JS, React, Vue.js, Flutter Web, or Svelte.
- **Backend** (Medium/Hard): Node.js, Python Flask/Django, PHP Laravel, or Firebase.
- **Database** (Hard): PostgreSQL, MySQL, MongoDB, or Firebase Firestore (with field-level encryption).
- **Cryptography**:
  - Master password → derive encryption key using Argon2id or PBKDF2-SHA256.
  - AES-256-GCM for vault encryption.
  - Never store master password or decryption key.
- **Export Tools**: jsPDF, html2canvas, FileSaver.js.
- **Other**:
  - Fully offline capable at Easy level.
  - Responsive design (mobile + desktop).
  - No plaintext passwords ever in memory longer than needed.
  - Secure headers and CSP in production.
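
An added example (not code from this specification or from any project it describes) of the Cryptography requirements above: PBKDF2-SHA256 key derivation, AES-256-GCM vault encryption, and a wrong master password detected through the GCM authentication tag instead of a stored hash. The function names, the JSON envelope fields, and the 600,000-iteration count are assumptions.

```javascript
// Added example, not the project's code: names, envelope fields and the
// iteration count are assumptions. Runs in a browser or in Node.js.
const PBKDF2_ITERATIONS = 600000; // assumed work factor, recorded in each vault

const getCrypto = async () => globalThis.crypto ?? (await import('node:crypto')).webcrypto;
const b64 = (buf) => btoa(Array.from(new Uint8Array(buf), (b) => String.fromCharCode(b)).join(''));
const unb64 = (s) => Uint8Array.from(atob(s), (ch) => ch.charCodeAt(0));

// Master password -> non-extractable AES-256-GCM key via PBKDF2-SHA256.
async function deriveKey(c, masterPassword, salt, iterations) {
  const material = await c.subtle.importKey(
    'raw', new TextEncoder().encode(masterPassword), 'PBKDF2', false, ['deriveKey']);
  return c.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations }, material,
    { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Encrypt the entries; the result holds only salt, IV, KDF parameters and ciphertext.
async function sealVault(masterPassword, entries) {
  const c = await getCrypto();
  const salt = c.getRandomValues(new Uint8Array(16)); // per-vault random salt
  const iv = c.getRandomValues(new Uint8Array(12));   // fresh 96-bit nonce on every save
  const key = await deriveKey(c, masterPassword, salt, PBKDF2_ITERATIONS);
  const ct = await c.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(JSON.stringify(entries)));
  return JSON.stringify({
    v: 1, kdf: 'PBKDF2-SHA256', iterations: PBKDF2_ITERATIONS,
    salt: b64(salt), iv: b64(iv), ct: b64(ct),
  });
}

// Returns the entries, or null when the GCM tag does not verify
// (wrong master password or a modified vault file).
async function openVault(masterPassword, sealed) {
  const c = await getCrypto();
  const env = JSON.parse(sealed);
  const key = await deriveKey(c, masterPassword, unb64(env.salt), env.iterations);
  let plaintext;
  try {
    plaintext = await c.subtle.decrypt(
      { name: 'AES-GCM', iv: unb64(env.iv) }, key, unb64(env.ct));
  } catch {
    return null;
  }
  return JSON.parse(new TextDecoder().decode(plaintext));
}
```

The string returned by `sealVault` is what would be written to LocalStorage or offered as the downloadable `.json`; neither the master password nor the derived key appears in it.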

This project is highly educational, visually appealing in demos (especially the password generator and vault unlock animation), and teaches real-world cybersecurity concepts responsibly.