{"id":13466009,"url":"https://github.com/nextcloud/passman","last_synced_at":"2025-05-14T11:08:51.911Z","repository":{"id":10951358,"uuid":"67600655","full_name":"nextcloud/passman","owner":"nextcloud","description":"🔐 Open source password manager with Nextcloud integration","archived":false,"fork":false,"pushed_at":"2025-05-08T01:31:47.000Z","size":14897,"stargazers_count":799,"open_issues_count":133,"forks_count":112,"subscribers_count":43,"default_branch":"master","last_synced_at":"2025-05-08T02:30:57.115Z","etag":null,"topics":["hacktoberfest","nextcloud","passman","password-manager"],"latest_commit_sha":null,"homepage":"https://passman.cc","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nextcloud.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS.md","dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2016-09-07T11:30:00.000Z","updated_at":"2025-05-08T01:31:51.000Z","dependencies_parsed_at":"2023-10-03T07:13:06.988Z","dependency_job_id":"20ac5c46-55fc-497f-afcb-7702c07b3e79","html_url":"https://github.com/nextcloud/passman","commit_stats":{"total_commits":2295,"total_committers":42,"mean_commits":"54.642857142857146","dds":0.5729847494553377,"last_synced_commit":"bec3a1784c2d5f2ce9c726a1bdacb27d55b911fe"},"previous_names":[],"tags_count":47,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nextcloud%2Fpassman","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nextcloud%2Fpassman/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nextcloud%2Fpassman/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nextcloud%2Fpassman/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nextcloud","download_url":"https://codeload.github.com/nextcloud/passman/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254129482,"owners_count":22019628,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","nextcloud","passman","password-manager"],"created_at":"2024-07-31T15:00:38.007Z","updated_at":"2025-05-14T11:08:51.874Z","avatar_url":"https://github.com/nextcloud.png","language":"JavaScript","readme":"# Passman\nPassman is a full featured password manager.\n\n[![Build Status](https://travis-ci.org/nextcloud/passman.svg?branch=master)](https://travis-ci.org/nextcloud/passman)\n[![Docker Automated buid](https://img.shields.io/docker/build/brantje/passman.svg)](hub.docker.com/r/brantje/passman/)\n[![Codacy Badge](https://api.codacy.com/project/badge/Grade/749bb288c9fd4592a73056549d44a85e)](https://www.codacy.com/app/brantje/passman?utm_source=github.com\u0026amp;utm_medium=referral\u0026amp;utm_content=nextcloud/passman\u0026amp;utm_campaign=Badge_Grade)\n[![Codacy Badge](https://api.codacy.com/project/badge/Coverage/749bb288c9fd4592a73056549d44a85e)](https://www.codacy.com/app/brantje/passman?utm_source=github.com\u0026utm_medium=referral\u0026utm_content=nextcloud/passman\u0026utm_campaign=Badge_Coverage)\n[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/nextcloud/passman/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/nextcloud/passman/?branch=master)\n\n## Join us!\nVisit the [“Passman General Talk” Telegram Group](https://t.me/passman_general) to participate in all sorts of topical discussions about Passman and its apps!\n\n## Contents\n  * [Screenshots](https://github.com/nextcloud/passman#Screenshots) \n  * [Features](https://github.com/nextcloud/passman#features) \n  * [External apps](https://github.com/nextcloud/passman#external-apps)\n  * [Security](https://github.com/nextcloud/passman#security)\n    * [Password generation](https://github.com/nextcloud/passman#password-generation)\n    * [Storing credentials](https://github.com/nextcloud/passman#storing-credentials)\n  * [Support passman](https://github.com/nextcloud/passman#support-passman)\n  * [Development](https://github.com/nextcloud/passman#development)\n  * [API](https://github.com/nextcloud/passman#api)\n  * [Docker](https://github.com/nextcloud/passman#docker)\n  * [Maintainers](https://github.com/nextcloud/passman#main-developers)\n  * [Contributors](https://github.com/nextcloud/passman#contributors)\n\n## Screenshots\n![Logged in to vault](http://i.imgur.com/ciShQZg.png)   \n\n![Credential selected](http://i.imgur.com/3tENldT.png)   \n\n![Edit credential](http://i.imgur.com/Iwm3hUe.png)   \n\n![Password tool](http://i.imgur.com/ZYkN70r.png)\n\nFor more screenshots: [Click here](http://imgur.com/a/giKVt)\n\n## Features:\n  * Multiple vaults\n  * Vault keys are never sent to the server\n  * 256-bit AES-encrypted credentials (see [security](https://github.com/nextcloud/passman#security))\n  * User-defined custom credentials fields\n  * Built-in OTP (One Time Password) generator\n  * Password analyzer\n  * Securely share passwords internally and via link\n  * Import from various password managers:\n    - KeePass\n    - LastPass\n    - DashLane\n    - ZOHO\n    - Clipperz.is\n    - EnPass\n    - [ocPasswords](https://github.com/fcturner/passwords)\n  \nTry a Passman demo [here](https://demo.passman.cc).\n\n## Tested on\n- Nextcloud 14\n\nFor older Versions see the [Releases Tab](https://github.com/nextcloud/passman/releases)\n\n## External apps\n  * [Firefox / chrome extension](https://github.com/nextcloud/passman-webextension)\n  * [Android app](https://github.com/nextcloud/passman-android)\n\n## Database Compatibility\n\n|   | Supported | Tested | Untested |\n| :--- | :---: | :---: | :---: |\n| SQL Lite | • |   |   |\n| MySQL / MariaDB | • |   |   |\n| travis |   | • |   |\n| pgsql | • |   |   |\n\n## Security\n\n### Password generation\nPassman can generate passwords *and* measure their strength using [zxcvbn](https://github.com/dropbox/zxcvbn).   \n![](http://i.imgur.com/2qVBUfM.png)   \n\nGenerate passwords as you like   \n![](http://i.imgur.com/jcRicOV.png)   \nPasswords are generated using `sjcl` randomization.\n\n### Storing credentials\nAll passwords are encrypted client side with [sjcl](https://github.com/bitwiseshiftleft/sjcl) using 256-bit AES.\nYou supply a vault key which sjcl uses to encrypt your credentials. Your encrypted credentials are then sent to the server and encrypted yet again using the following routine:\n  * A key is generated using `passwordsalt` and `secret` from config.php *(so back those up)*.\n  * The key is [stretched](http://en.wikipedia.org/wiki/Key_stretching) using [Password-Based Key Derivation Function 2](http://en.wikipedia.org/wiki/PBKDF2) (PBKDF2).\n  * [Encrypt-then-MAC](http://en.wikipedia.org/wiki/Authenticated_encryption#Approaches_to_Authenticated_Encryption) (EtM) is used to ensure encrypted data authenticity.\n  * Uses openssl with the `aes-256-cbc` cipher.\n  * [Initialization vector](http://en.wikipedia.org/wiki/Initialization_vector) (IV) is hidden.\n  * [Double Hash-based Message Authentication Code](http://en.wikipedia.org/wiki/Hash-based_message_authentication_code) (HMAC) is applied for source data verification.\n\n### Sharing credentials\nPassman allows users to share passwords. *(Administrators may disable this feature.)*\n\n## API \nPassman offers a [developer API](https://github.com/nextcloud/passman/wiki/API).\n\n## Support Passman\nPassman is open source but we’ll gladly accept a beer *or pizza!* Please consider donating:\n  * [PayPal](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick\u0026hosted_button_id=6YS8F97PETVU2)\n  * [Patreon](https://www.patreon.com/user?u=4833592)\n  * [Flattr](https://flattr.com/@passman)\n  * bitcoin: 1H2c5tkGX54n48yEtM4Wm4UrAGTW85jQpe\n\n## Code reviews\nIf you have any code improvements:\n  * Clone us\n  * Make your edits\n  * Add your name to the contributors\n  * Send a [PR](https://github.com/nextcloud/passman/pulls)\n\nOr, if you’re feeling lazy, create an issue and we’ll think about it.\n\n## Docker\nTo run Passman with [Docker](https://www.docker.com/), use our test Docker image. Supply your own self-signed SSL certs or use [Let’s Encrypt](https://letsencrypt.org/). Please note: The Docker image is for _testing *only*_ as database user / password are hardcoded.   \n    \nIf you’d like to *spice up* our Passman Docker image into a full-fledged, production-ready install, you’re welcome to do so. Please note:\n  * Port 80 and 443 are used\n  * SSL is enabled (or disabled if no certs are found)\n  * Container startup time must be less than 15 seconds\n\nExample:   \n```\ndocker run -p 8080:80 -p 8443:443 -v /directory/cert.pem:/data/ssl/cert.pem -v /directory/cert.key:/data/ssl/cert.key brantje/passman\n```\n        \nIf you want a production-ready container, use the [Nextcloud Docker](https://hub.docker.com/_/nextcloud/) and install Passman as an app.\n\n## Development\n  * Passman uses a single `.js` file for templates which minimizes XHR template requests.   \n  * CSS uses SASS, so Ruby and SASS must be installed.\n  * `templates.js` and the CSS are built with `grunt`.\n  * Watch for changes using `grunt watch`.\n  * Run unit tests — Install phpunit globally, setup environment variables in the `launch_phpunit.sh` script, and run the script. All arguments passed to `launch_phpunit.sh` are forwarded to phpunit.\n\n## Main developers\n  * Brantje\n  * Animalillo\n\n## Contributors\nAdd yours when creating a [pull request](https://help.github.com/articles/creating-a-pull-request/)!\n  * Newhinton\n  * [binsky](https://github.com/binsky08)\n  * [HolgerHees](https://github.com/HolgerHees)\n\n## FAQ\n**Are you adding something to check if malicious code is executing on the browser?**   \nNo, because malicious code can edit functions that check for malicious code.\n","funding_links":["https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick\u0026hosted_button_id=6YS8F97PETVU2","https://www.patreon.com/user?u=4833592"],"categories":["Apps","JavaScript","hacktoberfest","Password Manager"],"sub_categories":["Official","Uptime Monitoring"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnextcloud%2Fpassman","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnextcloud%2Fpassman","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnextcloud%2Fpassman/lists"}