I'm working on a password manager desktop app called JSON Password Manager. JSON Password Manager fixes a few problems that I've found in other password managers (e.g. LastPass or Dashlane) in the past, namely:
- security -- while most popular password managers use "military-grade" encryption, everything is still stored in the cloud, and the user does not have direct access to where the data is actually stored
- customizability -- I want the freedom to design how passwords and encrypted data in whatever way I wish, not having to conform to a particular online UI or mobile app
JSON Password Manager is based on JSON, meaning all of your encrypted passwords and account data can be completely edited as plain JavaScript-like objects. You can store key value pairs for your username, password, and email of an account, and include an array of objects for your security questions, for example.
Every piece of data and JSON stored in JSON Password Manager is encrypted with AES-256 bit ("military-grade" encryption) and stored as hex in a singular file. The encryption key is derived (with pbkdf2) from the users chosen master password.
The desktop app allows users to download the encrypted data file with all their passwords and transfer/use it as they wish, which means users have complete control of their encrypted data.
When they want to view the data, they can just upload the file to the desktop app on their given device, enter the master password, and they can use the encrypted "vault" on that device.
JSON Password Manager is all completely open source (MIT License) on Github: https://github.com/xtrp/JSON-Password-Manager, which is great because any potential bugs, security problems, and feature updates can be done quickly and effectively.
I've currently built out the entire password manager (although not fully tested yet), and am just working on expanding the desktop app to include new features like a strong password generator, a settings tab, etc.
I'd love suggestions, so feel free to respond to this comment or email me at xtrp@xtrp.io.
- security -- while most popular password managers use "military-grade" encryption, everything is still stored in the cloud, and the user does not have direct access to where the data is actually stored - customizability -- I want the freedom to design how passwords and encrypted data in whatever way I wish, not having to conform to a particular online UI or mobile app
JSON Password Manager is based on JSON, meaning all of your encrypted passwords and account data can be completely edited as plain JavaScript-like objects. You can store key value pairs for your username, password, and email of an account, and include an array of objects for your security questions, for example.
Every piece of data and JSON stored in JSON Password Manager is encrypted with AES-256 bit ("military-grade" encryption) and stored as hex in a singular file. The encryption key is derived (with pbkdf2) from the users chosen master password.
The desktop app allows users to download the encrypted data file with all their passwords and transfer/use it as they wish, which means users have complete control of their encrypted data.
When they want to view the data, they can just upload the file to the desktop app on their given device, enter the master password, and they can use the encrypted "vault" on that device.
JSON Password Manager is all completely open source (MIT License) on Github: https://github.com/xtrp/JSON-Password-Manager, which is great because any potential bugs, security problems, and feature updates can be done quickly and effectively.
I've currently built out the entire password manager (although not fully tested yet), and am just working on expanding the desktop app to include new features like a strong password generator, a settings tab, etc.
I'd love suggestions, so feel free to respond to this comment or email me at xtrp@xtrp.io.