mypass
A self-hosted, single-user password manager. All cryptography happens on your device. The storage backend never sees your plaintext data.
what it does
- End-to-end encrypted vault using XChaCha20-Poly1305
- Key derivation via Argon2id with tuneable parameters
- Choice of zero-knowledge storage backend — any S3-compatible object store or Google Drive
- Biometric unlock (fingerprint / face) with secure device key caching, plus PIN with lockout
- Built-in password generator
- TOTP support (scan QR codes or paste otpauth:// URIs), with live codes
- Custom fields — text, secret, multiline, URL, and TOTP
- Tags and tag groups for organizing entries
- Soft-delete with 30-day auto-purge
- Conflict-safe sync with manual merge when two devices disagree
browser extension
An optional fill-only browser extension talks to the desktop app over a local, paired connection — the extension never holds your vault or any keys, and does no decryption of its own.
- Bluetooth-style pairing: the app shows a code, you enter it once in the extension
- Fill the matching credential for the current site, generate a password, or start a new entry from the page you're on
- Fetched values auto-clear from the extension after a configurable timeout
- Chromium-based browsers (Chrome, Vivaldi, Edge, Brave)
platforms
- Android
- Linux
- Windows
contact: jason@whydoesnothing.work