Warning
This repo is not maintained, doing a complete project rewrite
Free, open-source and self-hosted password manager.
Passer is a React website with the design inspired by the Material Design, and a backend fully managed by Firebase, that can be comfortably hosted with a free account.
More screenshots available in the screenshots directory.
Every password with its site data is serialized and client-side encrypted before being stored in the database, using the SubtleCrypto interface with the AES-GCM algorithm.
The CryptoKey used for encryption and decryption is generated using a salted hash from the user's password and e-mail, that never leaves your device.
Authentication with its state persistance is entirely done through Firebase, but in order to decrypt the downloaded data, the generated hash is later stored locally to create the key. As the hash is not used for the Firebase account creation, it is not possible to get into someone else's account, if the locally stored hash was compromised.
You can easily create your own free Firebase project and use it with Passer to ensure that no one can modify or delete your encrypted data with the following steps:
-
Create a new Firestore Database and update the Security Rules with the contents of the security-rules file.
-
Enable Authentication and add the Email/Password sign-in provider.
Copy the Project ID and the Web API key from your project settings and paste them into the Passer configuration dialog.
The page should now be displaying a message about your custom instance.
Using Docker:
docker pull pomoc48/passer
docker run -p 3000:80 -d pomoc48/passerUsing NPM:
npm run build
npm startTo finish configuring the app, see to the previous section.
This project is licensed under the GNU General Public License.
Please see the license file for more information.