Passman is a full-featured password manager.
Visit the “Passman General Talk” Telegram Group to participate in all sorts of topical discussions about Passman and its apps!
- Multiple vaults
- Vault keys are never sent to the server
- 256-bit AES-encrypted credentials (see security)
- User-defined custom credentials fields
- Built-in OTP (One Time Password) generator
- Password analyzer
- Securely share passwords internally and via link
- Import from various password managers:
Try a Passman demo here.
- Nextcloud 14
For older versions, see the Releases tab.
|MySQL / MariaDB||•|
Passman can generate passwords and measure their strength using zxcvbn.
All passwords are encrypted client side with sjcl using 256-bit AES. You supply a vault key which sjcl uses to encrypt your credentials. Your encrypted credentials are then sent to the server and encrypted yet again using the following routine:
- A key is generated using secret from config.php (so back those up).
- The key is stretched using Password-Based Key Derivation Function 2 (PBKDF2).
- Encrypt-then-MAC (EtM) is used to ensure encrypted data authenticity.
- Uses openssl with the
- Initialization vector (IV) is hidden.
- Double Hash-based Message Authentication Code (HMAC) is applied for source data verification.
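The sketch below is an added Node.js illustration of the PBKDF2, Encrypt-then-MAC and double-HMAC steps listed above; it is not Passman's server code. The cipher mode, hash, iteration count, per-record salt, blob layout and all function names are assumptions, and the hidden-IV step is not shown.

```javascript
// Added illustration, not Passman's code: constants, layout and names are assumed.
const nodeCrypto = require('node:crypto');

const ITERATIONS = 100000; // assumed PBKDF2 work factor
const SALT_LEN = 16, IV_LEN = 16, MAC_LEN = 32;

// Stretch the server-side secret into separate encryption and MAC keys.
function deriveKeys(secret, salt) {
  const okm = nodeCrypto.pbkdf2Sync(secret, salt, ITERATIONS, 64, 'sha256');
  return { encKey: okm.subarray(0, 32), macKey: okm.subarray(32) };
}

// Encrypt-then-MAC: the tag is computed over salt, IV and ciphertext.
function seal(plaintext, secret) {
  const salt = nodeCrypto.randomBytes(SALT_LEN);
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const { encKey, macKey } = deriveKeys(secret, salt);
  const cipher = nodeCrypto.createCipheriv('aes-256-cbc', encKey, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const body = Buffer.concat([salt, iv, ct]);
  const tag = nodeCrypto.createHmac('sha256', macKey).update(body).digest();
  return Buffer.concat([body, tag]).toString('base64');
}

// Double HMAC: re-MAC both tags under a one-time key before comparing, so
// the bytes being compared are unpredictable to whoever supplied the tag.
function tagsMatch(expected, received) {
  const k = nodeCrypto.randomBytes(32);
  const a = nodeCrypto.createHmac('sha256', k).update(expected).digest();
  const b = nodeCrypto.createHmac('sha256', k).update(received).digest();
  return nodeCrypto.timingSafeEqual(a, b);
}

// Verify the tag first and decrypt only authentic data; null on any failure.
function unseal(blob, secret) {
  const raw = Buffer.from(blob, 'base64');
  if (raw.length < SALT_LEN + IV_LEN + 16 + MAC_LEN) return null;
  const body = raw.subarray(0, raw.length - MAC_LEN);
  const tag = raw.subarray(raw.length - MAC_LEN);
  const salt = body.subarray(0, SALT_LEN);
  const iv = body.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const { encKey, macKey } = deriveKeys(secret, salt);
  const expected = nodeCrypto.createHmac('sha256', macKey).update(body).digest();
  if (!tagsMatch(expected, tag)) return null;
  const d = nodeCrypto.createDecipheriv('aes-256-cbc', encKey, iv);
  const ct = body.subarray(SALT_LEN + IV_LEN);
  return Buffer.concat([d.update(ct), d.final()]).toString('utf8');
}
```

Because the MAC key is derived from the same secret, a lost or changed config.php value makes every stored record fail verification, which is why the list above says to back it up.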
Passman allows users to share passwords. (Administrators may disable this feature.)
Passman offers a developer API.
Passman is open source but we’ll gladly accept a beer or pizza! Please consider donating:
If you have any code improvements:
- Clone us
- Make your edits
- Add your name to the contributors
- Send a PR
Or, if you’re feeling lazy, create an issue and we’ll think about it.
To run Passman with Docker, use our test Docker image. Supply your own self-signed SSL certs or use Let’s Encrypt. Please note: The Docker image is for testing only, as the database user and password are hardcoded.
If you’d like to spice up our Passman Docker image into a full-fledged, production-ready install, you’re welcome to do so. Please note:
- Port 80 and 443 are used
- SSL is enabled (or disabled if no certs are found)
- Container startup time must be less than 15 seconds
docker run -p 8080:80 -p 8443:443 -v /directory/cert.pem:/data/ssl/cert.pem -v /directory/cert.key:/data/ssl/cert.key brantje/passman
If you want a production-ready container, use the Nextcloud Docker and install Passman as an app.
- Passman uses a single .js file for templates, which minimizes XHR template requests.
- CSS uses SASS, so Ruby and SASS must be installed.
templates.js and the CSS are built with
- Watch for changes using
- Run unit tests — Install phpunit globally, set up environment variables in the launch_phpunit.sh script, and run the script. All arguments passed to launch_phpunit.sh are forwarded to phpunit.
Add yours when creating a pull request!
Are you adding something to check if malicious code is executing on the browser?
No, because malicious code can edit functions that check for malicious code.