A secure, zero-knowledge password manager built with modern web technologies. Vault encrypts your passwords client-side before they ever leave your device, ensuring that only you can access your sensitive data.
- Client-Side Encryption: All passwords are encrypted on your device using AES-GCM (256-bit) before being stored in the cloud
- Zero-Knowledge Architecture: Your master password never leaves your device - not even we can access your passwords
- Auto-Lock Security: Automatically locks after 5 minutes of inactivity
- Password Strength Analysis: Visual indicators for password strength
- Category Organization: Organize passwords with color-coded categories and icons
- Secure Clipboard: Auto-clears clipboard after 60 seconds when copying passwords
- Notes Support: Add encrypted notes to any password entry
- Modern UI: Glassmorphic design with smooth animations
- Algorithm: AES-GCM 256-bit encryption
- Key Derivation: PBKDF2 with 100,000 iterations
- Unique Salts: Each user has a unique cryptographic salt
- Random IVs: Each encrypted field uses a random initialization vector
- User authenticates with Firebase Auth
- User's unique salt is retrieved from Firestore
- Master password + salt → PBKDF2 → encryption key (stored in memory only)
- Encryption key unlocks vault and decrypts password entries
- Auto-locks after 5 minutes of inactivity (clears key from memory)
- Passwords
- Usernames
- Notes
- Entry titles (for searchability)
- Categories (for filtering)
- URLs
- Frontend: React 18 + TypeScript + Vite
- Styling: Tailwind CSS + shadcn/ui components
- Backend: Firebase (Authentication + Firestore)
- Encryption: Web Crypto API
- Icons: Lucide React
- Notifications: Sonner
Vault comes with pre-configured categories, each with unique colors and icons:
- Work - Blue with Briefcase icon
- Code/Coding - Purple with Code icon
- Personal - Cyan with User icon
- School - Green with GraduationCap icon
- Email - Yellow with Mail icon
- Shopping - Pink with ShoppingCart icon
- Entertainment - Red with Film icon
- Gaming - Violet with Gamepad icon
- Social - Rose with Heart icon
- Finance/Banking - Emerald with CreditCard icon
- Home - Orange with Home icon
- Travel - Indigo with Globe icon
- Other - Slate with Folder icon
vault/
├── src/
│ ├── components/ # React components
│ │ ├── ui/ # shadcn/ui components
│ │ ├── VaultEntryCard.tsx
│ │ ├── CategoryFilter.tsx
│ │ └── ...
│ ├── pages/ # Page components
│ │ ├── LockScreen.tsx
│ │ └── VaultView.tsx
│ ├── services/ # Core services
│ │ ├── encryptionService.ts
│ │ ├── firestoreService.ts
│ │ ├── authService.ts
│ │ └── userService.ts
│ ├── hooks/ # Custom React hooks
│ │ └── useVault.ts
│ ├── types/ # TypeScript types
│ │ └── vault.ts
│ └── lib/ # Utilities
│ └── firebase.ts
├── public/ # Static assets
└── ...
- Master Password: Choose a strong, unique master password - it's the only way to access your vault
- Device Security: Keep your device secure as the encryption key is held in memory while unlocked
- HTTPS Only: Always access Vault over HTTPS in production
- Regular Updates: Keep dependencies updated for security patches
Contributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License.
While Vault implements industry-standard encryption practices, it is provided as-is without warranty. Always maintain backups of critical passwords and use at your own risk.