Skip to content

nextcloud/passman

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

2,954 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Passman

Passman is a full featured, open source password manager for Nextcloud.

PHPUnit SQLite

Join us!

Visit the β€œPassman General Talk” Telegram Group to participate in all sorts of topical discussions about Passman and its apps!

Contents

Features

  • Multiple vaults
  • Vault keys are never sent to the server
  • 256-bit AES-encrypted credentials (see security)
  • User-defined custom credentials fields
  • Built-in OTP (One Time Password) generator
  • Password analyzer
  • Securely share passwords internally and via link
  • Import from various password managers:
    • KeePass
    • LastPass
    • DashLane
    • ZOHO
    • Clipperz.is
    • EnPass
    • ocPasswords

Try a Passman demo here.

External apps

Android app

Our native Passman Android app is available for download from the Google Play Store, IzzyOnDroid and F-Droid.

Browser extension

The legacy Firefox / Chrome extension is the "old-stable", but not maintained and no longer available in the Chrome Web Store since it's MV2 based.

A follow-up extension is in active development and currently considered unstable. It's available but in open beta / development phase.

Screenshots

Logged in to vault

Credential selected

Edit credential

Password tool

More screenshots are available on the Nextcloud App Store and imgur.

Database Compatibility

Supported
SQLite β€’
MySQL / MariaDB β€’
PostgreSQL β€’

CI runs PHPUnit against SQLite on GitHub Actions.

Security

Password generation

Passman can generate passwords and measure their strength using zxcvbn.

Generate passwords as you like.

Passwords are generated using sjcl randomization.

Storing credentials

All passwords are encrypted client side with sjcl using 256-bit AES. You supply a vault key which sjcl uses to encrypt your credentials. Your encrypted credentials are then sent to the server and encrypted yet again using the following routine:

Sharing credentials

Passman allows users to share passwords. (Administrators may disable this feature.)

API

Passman offers a developer API. Unfortunately it is very outdated and not maintained. You're welcome to update it.

Docker

Passman Docker images are currently maintained in passman-dev-docker-build.

Image Docker Hub Use for
Development binsky/passman-dev Local hacking: bind-mount your checkout, run grunt, try different Nextcloud/PHP stacks
Demo binsky/passman-demo Pre-baked instances (e.g. demo.passman.cc) without dev tooling

Default login for all images: admin / admin.

Quick start (development):

docker run -d -p 8080:80 -p 8443:443 \
  -v /path/to/passman:/var/www/html/apps/passman \
  --name passman-dev \
  binsky/passman-dev:latest

See the repository README for TLS setup, available tags, and SSH/sshfs mounting.

For production deployments, use the official Nextcloud Docker image and install Passman as an app.

Development

Start from a passman-dev container, then work inside /var/www/html/apps/passman:

  • Passman uses a single .js file for templates which minimizes XHR template requests.
  • Our CSS is written in SASS.
  • templates.js and the CSS are built with grunt / grunt build.
  • Watch for changes using grunt watch.
  • To run PHP unit tests in the running dev container, ...
    • run on your host: make test (full suite) or make testNoDb (without DB group). Generate a Clover coverage report with make test-coverage (requires pcov or xdebug in the container). Customize the container name with DOCKER_CONTAINER=passman-dev-nc34-85-testing make test.
    • or run in the container: cd /var/www/html/apps/passman && composer run test
    • after switching branches or on cache-issues, run cd /var/www/html/apps/passman && composer run test:clear-cache

Support Passman

Passman is open source and lives from contributions like pull request, but we’ll also gladly accept a Club Mate or pizza!

Please consider donating:

  • Ko-Fi
  • Patreon (may come back soon)

Contributing

Pull requests and issues are welcome. Fork the repo, make your changes, and open a pull request. Add your name to the contributors list below when you do.

Maintainers:

Contributors:

FAQ

Are you adding something to check if malicious code is executing on the browser? No, because malicious code can edit functions that check for malicious code.

About

πŸ” Open source password manager with Nextcloud integration

Topics

Resources

License

AGPL-3.0, AGPL-3.0 licenses found

Licenses found

AGPL-3.0
LICENSE
AGPL-3.0
COPYING

Contributing

Security policy

Stars

Watchers

Forks

Packages

 
 
 

Contributors