Skip to content

Overview

Why use a password manager?

Managing passwords securely is critical, yet the majority of people still don’t use password managers. This leaves most users vulnerable to weak or reused passwords and the growing risk of breaches, which have serious consquences to privacy, security and identity.

While many commercial solutions exist, they often come with subscriptions, cloud storage requirements, or proprietary code. This project takes a different approach: a free, open‑source, GPG‑based password manager that works entirely offline and across platforms.

By removing barriers like cost, internet dependency, and closed ecosystems, it aims to make strong password management accessible to everyone and encourage wider adoption of secure practices.

Why use Passwords as a password manager?

Here's some really good reasons to consider using Passwords:

  • Passwords is made from pure opensource. We don't use a thing which isn't open, transparent and auditable. Our source code is free for anyone who wants it.

  • Your passwords never leave your device. No internet connection is required, reducing exposure to online threats, and fitting into your tier zero and tier one environments perfectly.

  • Free to use, forever. You’re not tied to a company’s servers, business model or subscriptions.
  • Cloud-based managers are attractive targets for hackers. By keeping everything local, this tool reduces risk.

  • Works seamlessly across Linux, macOS, and Windows, so you can manage credentials wherever you are.

  • GPG-based encryption is strong, industry proven encryption which you control. Configure the ciphers and settings you want to use.

How does Passwords work?

This application is built around a stateless, zero‑knowledge encryption model. It leverages GPG keys for all cryptographic operations but never stores or retains which keys were used. Each encryption or decryption event is independent, ensuring that the application itself has no knowledge of your secrets — only you, as the key holder, can access them.

To reinforce this privacy‑oriented approach, the app uses a local database where every piece of information is encrypted or hashed, including metadata such as search terms. While this design may feel slightly less intuitive compared to traditional password managers or search systems, it ensures that even seemingly harmless data cannot be exploited. The result is a tool that prioritizes security and confidentiality over convenience, giving you complete control of your information.

Key principles of the design:

  • Zero‑knowledge: The app never retains or exposes your keys or plaintext data.
  • Stateless: Each operation stands alone; there is no persistent mapping between data and keys.
  • Encrypted metadata: Even search queries and internal references are protected, eliminating potential leaks.
  • Local‑only: All data stays on your device, reducing exposure to online threats.

This architecture makes the application a privacy‑first alternative to conventional solutions, empowering users who value security and independence above all else.