🔐 Open source password manager with Nextcloud integration
Перейти к файлу
binsky 5419c76e8c update Dockerfile and entrypoint.sh to be compatible with Nextcloud 26
Signed-off-by: binsky <timo@binsky.org>
2023-05-20 17:32:46 +02:00
.tx [tx-robot] Update transifex configuration 2022-10-01 02:48:21 +00:00
appinfo Bump version 2023-05-02 21:53:42 +02:00
controller implement hint and checkbox to change a vault password 2023-05-02 20:59:46 +02:00
css implement hint and checkbox to change a vault password 2023-05-02 20:59:46 +02:00
docs Fix markdown syntax / reformatting of api.md 2019-10-25 23:42:31 +02:00
img fix numix svgs with undetectable mime type 2021-09-23 18:35:02 +02:00
js Merge branch 'add-backup-notice' 2023-05-02 21:10:12 +02:00
l10n Fix(l10n): Update translations from Transifex 2023-05-18 01:05:28 +00:00
lib Merge branch 'fix-offline-mode-requests' 2023-05-02 19:45:25 +02:00
middleware Check HTTP_ORIGIN using isset 2017-01-19 13:58:34 +01:00
migration remove table name condition in the serversideencryption.php method fetchAll() 2021-03-23 00:26:40 +01:00
sass implement hint and checkbox to change a vault password 2023-05-02 20:59:46 +02:00
templates implement hint and checkbox to change a vault password 2023-05-02 20:59:46 +02:00
tests Replace deprecated String.prototype.substr() 2022-03-24 16:55:03 +01:00
.dockerignore Added dockerfile 2016-10-19 18:13:32 +02:00
.drone.yml Update drone config 2017-07-28 16:22:18 +02:00
.drone.yml.sig Signed yaml file 2017-07-28 17:35:38 +02:00
.gitignore Update ignore file 2016-12-21 22:07:31 +01:00
.jshintrc fix importer js 2021-08-22 15:12:57 +02:00
.scrutinizer.yml Fix loading vault if it's already open. Ref #263 2017-10-29 16:14:42 +01:00
.travis.yml Merge branch 'master' into fix/noid/travismysqlerror 2021-03-22 15:24:51 +01:00
AUTHORS.md Initial commit 2016-09-09 17:36:35 +02:00
CHANGELOG.md This fixes the decryption error happening when auto login is enabled and user changes vault password. 2016-12-28 15:26:26 +01:00
CNAME Create CNAME 2017-02-05 17:23:45 +01:00
CONTRIBUTING.md add link to nextcloud server wiki on how to sign commits 2017-10-29 11:11:22 +01:00
COPYING Initial commit 2016-09-09 17:36:35 +02:00
Dockerfile update Dockerfile and entrypoint.sh to be compatible with Nextcloud 26 2023-05-20 17:32:46 +02:00
Gruntfile.js switch to an updated OTP lib and add support for custom OTP digits and period values 2022-08-27 02:35:25 +02:00
ISSUE_TEMPLATE.md Update 2017-03-16 15:44:56 +01:00
LICENSE Initial commit 2016-09-07 13:30:00 +02:00
Makefile Initial commit 2016-09-09 17:36:35 +02:00
README.md Merge branch 'migrations-2' of https://github.com/binsky08/passman into binsky08-migrations-2 2021-05-17 00:43:53 +02:00
bower.json fix bower dependencies (except llqrcode) 2021-03-12 01:00:14 +01:00
composer.json Add icons to credentials 2017-10-29 13:31:18 +01:00
entrypoint.sh update Dockerfile and entrypoint.sh to be compatible with Nextcloud 26 2023-05-20 17:32:46 +02:00
karma.conf.js fixed underscore path 2018-11-21 17:34:49 +01:00
launch_phpunit.sh.sample PHPUnit fixes for custom locations 2017-05-07 18:21:11 +02:00
package.json update grunt nodeunit dependency 2023-03-25 12:00:19 +01:00
personal.php Update personal.php 2018-02-21 16:53:17 +02:00
phpunit.integration.xml Update phpunit 2017-07-01 18:09:39 +02:00
phpunit.xml Update phpunit 2017-07-01 18:09:39 +02:00
swagger.yaml Top level typos 2017-01-06 17:06:54 +05:45

README.md

Passman

Passman is a full featured password manager.

Build Status Docker Automated buid Codacy Badge Codacy Badge Scrutinizer Code Quality

Join us!

Visit the “Passman General Talk” Telegram Group to participate in all sorts of topical discussions about Passman and its apps!

Contents

Screenshots

Logged in to vault

Credential selected

Edit credential

Password tool

For more screenshots: Click here

Features:

  • Multiple vaults
  • Vault keys are never sent to the server
  • 256-bit AES-encrypted credentials (see security)
  • User-defined custom credentials fields
  • Built-in OTP (One Time Password) generator
  • Password analyzer
  • Securely share passwords internally and via link
  • Import from various password managers:
    • KeePass
    • LastPass
    • DashLane
    • ZOHO
    • Clipperz.is
    • EnPass
    • ocPasswords

Try a Passman demo here.

Tested on

  • Nextcloud 14

For older Versions see the Releases Tab

External apps

Database Compatibility

Supported Tested Untested
SQL Lite
MySQL / MariaDB
travis
pgsql

Security

Password generation

Passman can generate passwords and measure their strength using zxcvbn.

Generate passwords as you like

Passwords are generated using sjcl randomization.

Storing credentials

All passwords are encrypted client side with sjcl using 256-bit AES. You supply a vault key which sjcl uses to encrypt your credentials. Your encrypted credentials are then sent to the server and encrypted yet again using the following routine:

Sharing credentials

Passman allows users to share passwords. (Administrators may disable this feature.)

API

Passman offers a developer API.

Support Passman

Passman is open source but well gladly accept a beer or pizza! Please consider donating:

Code reviews

If you have any code improvements:

  • Clone us
  • Make your edits
  • Add your name to the contributors
  • Send a PR

Or, if youre feeling lazy, create an issue and well think about it.

Docker

To run Passman with Docker, use our test Docker image. Supply your own self-signed SSL certs or use Lets Encrypt. Please note: The Docker image is for testing only as database user / password are hardcoded.

If youd like to spice up our Passman Docker image into a full-fledged, production-ready install, youre welcome to do so. Please note:

  • Port 80 and 443 are used
  • SSL is enabled (or disabled if no certs are found)
  • Container startup time must be less than 15 seconds

Example:

docker run -p 8080:80 -p 8443:443 -v /directory/cert.pem:/data/ssl/cert.pem -v /directory/cert.key:/data/ssl/cert.key brantje/passman

If you want a production-ready container, use the Nextcloud Docker and install Passman as an app.

Development

  • Passman uses a single .js file for templates which minimizes XHR template requests.
  • CSS uses SASS, so Ruby and SASS must be installed.
  • templates.js and the CSS are built with grunt.
  • Watch for changes using grunt watch.
  • Run unit tests — Install phpunit globally, setup environment variables in the launch_phpunit.sh script, and run the script. All arguments passed to launch_phpunit.sh are forwarded to phpunit.

Main developers

  • Brantje
  • Animalillo

Contributors

Add yours when creating a pull request!

FAQ

Are you adding something to check if malicious code is executing on the browser?
No, because malicious code can edit functions that check for malicious code.