Providing a secure, open-source password managing service to all Internet users is our goal. We strongly believe that privacy is everyone’s right, and open-sourcing is the only way to prove that and stay transparent.
| Teja Swaroop | Krish |
|---|---|
| Project lead, backend dev | front end dev |
We are open for collaboration. Are you passionate in user security just like us? Got skills that you think can help this project? Feel free to join our team.
Have you ever used the same password for multiple websites (or you still are)? That’s a BAD idea. What if one of the websites suffered a data breach? That would expose your password which is common for multiple websites. The best practice is to use a unique, randomly-generated strong password for each website you’re signing in, on the Internet. That obviously involves a lot of brain work as you would need to remember passwords for every website you use, and these passwords aren’t even easy to memorize, because they are randomly generated, and also very long (that’s what makes them strong). So you would use a password manager that generates these random strong passwords, and also remembers them for you. All you need to remember is a MASTER PASSWORD using which you can unlock all the other passwords on your password manager.
So there are a lot of password managers already available that also claim to be very secure (I do believe most of them are secure), but the problem is, they are not open-source. Now, how can we trust a software with our passwords when we don’t know what it’s doing? Although they claim to be secure and they most probably are, they still lack transparency. What if they are controlled or influenced by the government?
For this reason, we need an open-source alternative. Though there are also many open-source password managers available, our goal is to make one that is easy to setup, use, and provides security in the most efficient way possible.
For example, when you use passwordzz to save your passwords, we want to make sure that ONLY YOU can extract these passwords anytime, and from anywhere. Not even the server (on which your passwords are actually saved) will be able to extract your passwords. So even if the passwordzz server got breached at any point in time, there would simply be no way to extract users' passwords from the leaked data.
You can host the passwordzz server by yourself on your own server, or on your favorite cloud provider’s platform (like heroku, digitalocean, gcp, etc), or you can simply configure your passwordzz client with our main server (passwordzz.com). Either way, you are safe!
Watch the following video to understand why it is necessary to follow the best password practices on the Internet.
-
Passwordzz Server - Django, REST API
-
Passwordzz Client (CLI) - Python
-
Passwordzz Client Desktop Application (Windows, Mac, Linux) - ReactJS, Electron.js
-
Passwordzz Client Mobile Application (Android, iOS) - [not yet decided]
-
Passwordzz Client browser extension (chrome and firefox) - Javascript
-
Logo Design
-
Video demo on how it works