'master' branch is a dev-branch, please download stable version from Release to use it.
Supports are available here for versions greater than v9.13
Please note, Password-Manager only supports HTTPS
- Client side encryption. Server only keeps the encrypted strings.
- Customized fields support. You can add and delete fields for the password manager. You might want a URL field to keep login URL for all your accounts.
- PIN login. You don't need to input your long login password everytime. Instead, you can use a short PIN, in your trusted devices.
- Files support. You can attach files to accounts. Of course, files are encrypted in your browser before they are uploaded.
- Tags support and searching support. This makes it easier to manage lots of accounts.
- Import/Export as CSV file.
- Easy to backup and recovery.
- Authentication control. Account/IP will be blocked for too many failed attempts. After a short time of no action, you'll sign out automatically.
- Friendly UI.
How to use
Web Browser Plugin
Chrome: Chrome Web Store
GitHub Project: PwChromeExtension by Benjamin.
This password manager can generate and store random strong passwords for users. Passwords are generated on users' browsers and then encrypted using AES256 (CBC mode). Key for encryption is generated by PBKDF2 based on login password (Password_1)
PBKDF2 with SHA512 is used for user identification check. Raw password will be mapped to a pseudo password with a key related to Password_1 before applying AES256. The mapping algorithm is alphabet and position based.
Some part of information in Password_1 won't involve in calculations for identity check, So password_1 can't be obtained by enumerating password_0 (used for authentication).
You can read more information about implementation in wiki.
You can easily add E-mail verification, Google authentication... in your version of password manager. Put your implementation inside
src/rest/check.php, which is used for login authentication.
Please read the guide first.
All contributors to this project must agree their work to be published under MIT license ONLY (see LICENSE file) before submitting a pull request.