A secure, self-hosted password manager built with Python Flask and PostgreSQL. It features Zero-Knowledge Encryption, Two-Factor Authentication (2FA), and a fully responsive Progressive Web App (PWA) interface for mobile access.
- 🔒 Zero-Knowledge Architecture: Master passwords are never stored. Encryption keys are derived client-side; only encrypted data reaches the server.
- 📲 Progressive Web App (PWA): Installable on iOS and Android as a native-feeling app (no browser bars).
- 🔐 Two-Factor Authentication (2FA): Built-in QR code generator for easy setup with Google/Microsoft Authenticator.
- ⚡ Smart Security:
- Automatic inactivity logout (5-minute timer).
- Clipboard auto-clearing logic.
- Real-time password strength and character validation.
- 🔎 User Experience:
- Instant search filtering for rapid password retrieval.
- One-tap "Copy to Clipboard" for passwords and 2FA secrets.
- Mobile-optimized "Tap to Setup" for authenticators.
- Backend: Python 3.10+, Flask
- Database: PostgreSQL
- Frontend: HTML5, CSS3, Vanilla JavaScript
- Security:
cryptography: Fernet/AES encryptionpbkdf2: Key derivationpyotp: Time-based One-Time Passwords
git clone [https://github.com/webdev-jason/password-vault.git](https://github.com/webdev-jason/password-vault.git)
cd password-vaultWindows:
python -m venv venv
.\venv\Scripts\activateMac/Linux:
python3 -m venv venv
source venv/bin/activatepip install -r requirements.txtCreate a .env file in the root directory:
SECRET_KEY=your_super_secret_flask_key
DATABASE_URL=postgresql://user:password@your-db-url.com/dbnamepython db_setup.pypython app.pyVisit http://127.0.0.1:5000 in your browser.
Jason Sparks - GitHub Profile
This project is licensed under the MIT License - see the LICENSE file for details.