The most secure password is the one that never leaves your machine. This is a zero-knowledge, offline-first password manager built with Python. No internet, no cloud, no trackers. Your security is 100% in your hands.
💖 This software is 100% free. If you find it useful, consider supporting development!
- 🎲 Cryptographic Password Generator: Uses Python's
secretsmodule for true randomness. - 🔒 Military-Grade Encryption: AES-256 via Fernet with PBKDF2 key derivation (480k iterations).
- 🌐 100% Offline: No network calls, no API dependencies, no cloud.
- 🛡️ Zero-Knowledge: Your Master Password is never stored; data is unreadable without it.
- ⏰ Auto-Lock: Vault locks after 5 minutes of inactivity.
- 📋 Clipboard Security: Auto-clears clipboard 30 seconds after copying.
- 🎨 Modern GUI: Simple, clean, and intuitive dark-mode interface.
This is the easiest way. No Python installation required!
- Go to the Releases page.
- Download
PasswordManager.exe. - Run the executable and follow the setup instructions.
Perfect for developers who want to inspect the code.
- Install Python: Download from python.org (Version 3.8+).
- Download Code: Clone this repo or download the ZIP.
- Install Dependencies:
pip install -r requirements.txt
- Run the App:
python main.py
Run the application:
python main.pyOn first launch, you'll be prompted to create a Master Password. This password:
- Must be at least 8 characters
- Must contain 3 of: uppercase, lowercase, digits, special characters
- Cannot be recovered if forgotten (zero-knowledge design)
Warning
Write down your Master Password in a secure physical location. If you forget it, your data is permanently unrecoverable.
- Unlock: Enter your Master Password
- Vault Tab:
- View all saved credentials
- Search by website or username
- Copy username/password to clipboard
- Add, edit, or delete entries
- Generator Tab:
- Adjust password length (12-64 characters)
- Select character types
- Generate and copy passwords
- Auto-Lock: After 5 minutes of inactivity, the vault automatically locks
- Clipboard Auto-Clear: Copied passwords are cleared from clipboard after 30 seconds
- Manual Lock: Click "🔒 Lock Vault" anytime to lock immediately
- Algorithm: AES-256 (via Fernet symmetric encryption)
- Key Derivation: PBKDF2-HMAC-SHA256 with 480,000 iterations
- Master Password Verification: bcrypt with 12 rounds
- Salt: Unique 16-byte cryptographic salt (stored in
salt.key)
Files Created:
vault.db- SQLite database with encrypted passwordssalt.key- 16-byte salt for key derivation
What's Encrypted:
- All passwords are encrypted before storage
- Even with access to
vault.db, passwords are unreadable without your Master Password
What's NOT Stored:
- Your Master Password (only a bcrypt hash is stored)
- Decrypted passwords (only encrypted ciphertext)
It's critical to back up these files regularly:
vault.db(your encrypted credential database)salt.key(required for decryption)
Recommended backup locations:
- USB flash drive
- External hard drive
- Encrypted personal cloud storage (if you accept the internet risk)
If you lose your data:
- Copy
vault.dbandsalt.keyback to the application directory - Run
python main.py - Enter your Master Password
- All credentials will be restored
Caution
If you lose either salt.key OR your Master Password, your data is permanently unrecoverable.
To verify the application works 100% offline:
Windows:
# Disable network
Get-NetAdapter | Disable-NetAdapter
# Run app
python main.py
# Re-enable network
Get-NetAdapter | Enable-NetAdaptermacOS/Linux:
# Disable Wi-Fi
sudo ifconfig en0 down # or your network interface
# Run app
python main.py
# Re-enable Wi-Fi
sudo ifconfig en0 upThe application should work perfectly with no internet connection.
Run: pip install -r requirements.txt
- Ensure
salt.keyexists in the same directory - Verify you're using the correct Master Password
- On Linux, you may need:
sudo apt-get install xclip xsel - On macOS, clipboard access requires system permissions
- Check Python version:
python --version(must be 3.8+) - Verify dependencies:
pip list | findstr "cryptography customtkinter"
password-manager/
├── main.py # Application entry point
├── crypto_manager.py # Encryption/decryption (AES-256, PBKDF2)
├── database.py # SQLite operations (CRUD)
├── password_generator.py # Cryptographically secure generation
├── gui.py # CustomTkinter interface
├── requirements.txt # Python dependencies
├── README.md # This file
├── vault.db # Encrypted database (created on first run)
└── salt.key # Encryption salt (created on first run)
- Strong Master Password: Use a long, unique password you'll remember
- Regular Backups: Back up
vault.dbandsalt.keyweekly - Physical Security: Keep backup files in a secure physical location
- Offline Storage: Consider storing backups on air-gapped USB drives
- Firewall: Optionally block this application from network access via OS firewall
Important
This is NOT a cloud password manager. There is no sync, no recovery service, no support team. You are 100% responsible for:
- Remembering your Master Password
- Backing up your vault and salt files
- Securing your computer from malware
Warning
No Password Recovery: Zero-knowledge encryption means if you forget your Master Password, there is no way to recover your data. Not even the developer can help.
Caution
Malware Risk: If your computer is infected with keyloggers or screen capture malware, your passwords can be stolen when you decrypt them. This tool does not protect against compromised systems.
This software is provided as-is for personal use. Use at your own risk.
Built using:
- cryptography - Encryption library
- CustomTkinter - Modern GUI framework
- bcrypt - Password hashing
- pyperclip - Clipboard operations
Stay secure. Stay offline. Stay in control. 🔐