nextcloud / passman

🔐 Open source password manager with Nextcloud integration
https://passman.cc
GNU Affero General Public License v3.0
790 stars 108 forks source link
hacktoberfest nextcloud passman password-manager

Passman

Passman is a full featured password manager.

Build Status Docker Automated buid Codacy Badge Codacy Badge Scrutinizer Code Quality

Join us!

Visit the “Passman General Talk” Telegram Group to participate in all sorts of topical discussions about Passman and its apps!

Contents

Screenshots

Logged in to vault

Credential selected

Edit credential

Password tool

For more screenshots: Click here

Features:

Try a Passman demo here.

Tested on

For older Versions see the Releases Tab

External apps

Database Compatibility

Supported Tested Untested
SQL Lite
MySQL / MariaDB
travis
pgsql

Security

Password generation

Passman can generate passwords and measure their strength using zxcvbn.

Generate passwords as you like

Passwords are generated using sjcl randomization.

Storing credentials

All passwords are encrypted client side with sjcl using 256-bit AES. You supply a vault key which sjcl uses to encrypt your credentials. Your encrypted credentials are then sent to the server and encrypted yet again using the following routine:

Sharing credentials

Passman allows users to share passwords. (Administrators may disable this feature.)

API

Passman offers a developer API.

Support Passman

Passman is open source but we’ll gladly accept a beer or pizza! Please consider donating:

Code reviews

If you have any code improvements:

Or, if you’re feeling lazy, create an issue and we’ll think about it.

Docker

To run Passman with Docker, use our test Docker image. Supply your own self-signed SSL certs or use Let’s Encrypt. Please note: The Docker image is for testing only as database user / password are hardcoded.

If you’d like to spice up our Passman Docker image into a full-fledged, production-ready install, you’re welcome to do so. Please note:

Example:

docker run -p 8080:80 -p 8443:443 -v /directory/cert.pem:/data/ssl/cert.pem -v /directory/cert.key:/data/ssl/cert.key brantje/passman

If you want a production-ready container, use the Nextcloud Docker and install Passman as an app.

Development

Main developers

Contributors

Add yours when creating a pull request!

FAQ

Are you adding something to check if malicious code is executing on the browser?
No, because malicious code can edit functions that check for malicious code.