Skip to content
OnePass Password Manager in the making.
JavaScript HTML Objective-C CSS Other
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


An Open-Source Password Manager (being) build on latest web/native technologies & higher security protocols.

The WebApp is still in the very development phase.

You could test out the live progress at

Use sample credentials from this paste


  • node >= 8 <11
  • neo4j

Table of contents

Quick Start

  1. Run yarn bootstrap in order to install all dependencies.
  2. Run whichever package you wish to, using specific commands listed below.
  3. Enjoy

Launch WebApp (Next.js - Express Server)

  • Run yarn run dev:web to launch webapp at port 4000


  • Run yarn run dev:extension to launch create-react-app at port 3000 and express backend server at port 4000

YARN Commands


This runs yarn install on each package and symlinks local packages.

Adding New Dependencies

Adding packages to a yarn workspaces project is slightly different than adding to a standard node package. Common devDependencies can be added to the top level package.json file using -W --dev flag.

Adding Common Dependencies

This is the most likely scenario you'll face.

In the root directory ( onepass/ ) run the following commands:

yarn add some-cool-package -W
yarn bootstrap

This makes some-cool-package available to all packages.

Adding Individual Dependencies

yarn workspace @onepass/<core/web/extension/mobile> add some-cool-package

Creating A Dependency To Another Local Package

To create a dependency to a foo package from a bar package:

In the bar package, add the following entry in the packages/bar/package.json file under the dependencies key:

  //...other stuff...
    //...other dependencies...
    "@onepass/foo": "0.0.1", // this version must be exact otherwise it fetches from npm


The version number must be exact as in the package.json of foo to link local packages, otherwise it will (try to) fetch the package from NPM.

Directory Structure

  • @onepass/core - Encryption/Decryption related functions
  • @onepass/web - Next.js App
  • @onepass/extension - Create-React-App Browser-extension
  • @onepass/server - Express Server

Vault Architecture

Follows similar architecture like of

Read more in-detail here

In simple words:

You have a Master Password & Secret Key with which ONLY you can unlock the vault.

These 2 items are NEVER send to the server in any manner.

All encryption / decryption stuff is done on the client device itself.



  • Node (Web server)
  • Express (Web server framework)
  • SRP Protocol (Authentication)
  • Passport (JWT Authentication)
  • React (UI library)
  • Next (Universal/server-side rendered React)
  • Redux (State management | Ducks Style)
  • styled-components (CSS styling solution library)
  • Ant-Design (React UI Framework)
  • SASS (CSS Preprocessor)
  • Neo4j (Graph database)

Browser extension

... not fixed yet

Android / iOS



👤 abhijithvijayan


Pull requests are welcome as there are plenty of improvements & features to be worked on.

Open issues for feedback, requesting features, reporting bugs or discussing ideas.

Show your support

Give a ⭐️ if this you find this project helpful!

Also, help in the development to slay the bugs and making this much awesome and free.

You can’t perform that action at this time.