🍵 PasswordTea - Password generator and manager

Readme Languages:
Русский	English

Link - https://dcfapixels.github.io/KeyTea/
Versioning semantics - Open

A small application with the functionality of a password manager, but it does not store these passwords either on the user's computer or on a server. It works on any device, and if the page is saved, PasswordTea can be launched even without an internet connection.

❓ How does it work?

In short, passwords are generated based on a master password that the user must create and remember. From the combination of the master password and the website's name, a unique password for that site is generated. Since the same pair of master password and website name always generates the same result, there is no need to save the generated passwords. The generation process uses a cryptographically secure hash function, meaning that the final password cannot be converted back into the master password.

🔒 Security

This application guarantees that passwords are not stored or transmitted to third parties in the following ways:

The app can function without an internet connection;
It does not use third-party frameworks or libraries, except for the browser and the js-sha3 script for calculations;
It is an open-source project and the source code is available for review. Users can independently verify that everything is clean.

Advantages:

It is enough to remember just one master password, but a unique one is generated for each site;
Generated passwords consist of a random set of characters, making them secure;
Since the app does not store passwords, these passwords are not susceptible to leakage by hacks;
Quickly change the generated password, adding just one character creates a new unique password.

Disadvantages:

A master password leak exposes access to all passwords;
A single master password is more vulnerable to various types of attacks.

⭐ Features

Cross-platform:

The use of web languages allows the application to run on any device with a browser. And also it can be embedded in other applications.

Customizable character set:

Some websites have specific requirements for the presence or absence of certain characters, fine-tuning the characters used allows the generation of passwords that meet these requirements. Additionally, for creating more complex passwords, characters from not only the English alphabet but also symbols can be used. By default, there are sets of special characters, numbers, the English alphabet, and the Russian alphabet.

Password generation using versioning:

In case the user needs to change the password, the password version can be modified in the settings, and increasing the version completely changes the password to a unique new one.

Deterministic calculations:

Passwords are generated the same no matter what device the app is running on.

📜 Guide

Master Password Input Screen

On the initial screen, the user is prompted to enter the master password, which is used to generate passwords.

After entering the master password, press the "Continue" button to proceed to the password list.

Password Selection Screen

At the top of the screen, a list of resources is displayed. To retrieve a password, select the desired resource from the list.

The resource list is editable. The button at the bottom of the list with a plus icon adds a new entry, the gear icon button opens the screen for editing resource information for the password, and the adjacent recycle bin icon button removes the resource from the list.

After selecting a resource, the generated password for this resource will appear in the "password" field at the bottom. To the right of the field is the button to copy the password to the clipboard. Further right is the button to show the password, which is hidden by default.

At the bottom of the screen, there are buttons for importing and exporting user data. These functions allow data to be transferred between devices.

Password Information Editing Screen

At the top, there are 4 fields available for editing:

Name - the name of the resource for which the password is being generated; this name will also be displayed on the password selection screen.
User - in case there are multiple accounts for the same resource, the user can enter account logins here, which will generate different passwords.
Length - the length of the password.
Version - the password version. The user can increase the version by clicking the Up button, which generates a completely new password.

Below is a list of character sets from which the user can select the ones to be used in password generation.

The list of character sets is editable. The button at the bottom of the list with a plus icon adds a new empty set, the gear icon button opens the screen for editing the character set, and the adjacent trash bin icon button removes the set from the list.

After completing the edits, click the Save button to save the changes or Cancel to discard them.

Character Set Editing Screen

For editing, there are 3 fields available:

Name - the name of the set displayed in the application. This does not affect password generation.
Charset - the set of characters as text. After saving, the text will be formatted, with characters sorted and duplicates removed.
Priority - the priority of the set. Priority affects the frequency with which characters from the set appear in the password. The frequency is calculated relative to the priority of all sets. The higher the priority, the more frequently characters from this set will appear. Regardless of priority, at least one character from the set will be used in the password.

After completing the edits, click the Save button to save the changes or Cancel to discard them.

📑 License

The MIT License: https://raw.githubusercontent.com/DCFApixels/KeyTea/refs/heads/main/LICENSE