vaults logo

vaults

  •  0 ratings
In category: Password Managers

About vaults

Password manager featuring client side AES-256 encryption, PBKDF2 hashing, vaults, password generation & more.

  •   554  
  •   0  
  •   0  
  •   0  
Github stats:
  •  Commits: N/A  
  •   N/A  
  •   N/A  
  •  Latest commit: N/A  

Deploy this app to Linode with a free $100 credit!

Languages/Platforms/Technologies:
Lincenses:

More about vaults

GitHub GitHub GitHub

vaults is a password manager featuring client side AES-256 encryption, PBKDF2 hashing, vaults, password generation & more.

Homepage desktop Dashboard desktop


  1. Features
  2. Installation
  3. Technical overview
    1. Vaults
    2. Entities
    3. Categories
    4. Front end
      1. Front end technologies
    5. Back end
      1. Back end technologies
    6. Other technical details
    7. Security schema
  4. Contributing & Getting started
  5. License

Features

  • Client side encryption for maximum security
  • Vaults
  • Multiple types of items
    • Logins
    • Notes
  • Folders(categories)
  • Cryptographically secure password generator
  • Responsive front end

Installation

If you want to self-host, download the latest release and follow the installation steps here.

Technical overview

This application consists of multiple parts:

  • front end
  • back end(API)
  • storage

Vaults

A "vault" is a collection of multiple items(or entities, more on them below). It is the highest unit to save items in & must have a name & description. Users can use it to differentiate between personal items, work related items, family, games etc.

Categories

A "category" is used to group items inside a vault. It must have a name and there can be any amount of them in each vault.

Entities

Login

The "login" represents an online account. It contains the following fields:

  • name(the name of the login)
    • required
  • username
    • required
  • email
  • website
    • required
  • password
  • description

Note

A "note" can be freely used for whatever else and serves as a blueprint for other items the user might have a need for, such as Wi-Fi passwords, membership cards, SSH keys, and much more. These are the fields of the note:

  • name(the name of the note)
    • required
  • description

Front end

The front end has a wide range of responsibilities such as: - entity modeling, - creation of the user encryption key based on the master password & using the email as a salt, - 100100 iterations of PBKDF2 - creation of the authentication hash based on the master password & using the encryption key as a salt, - 1 extra iteration of PBKDF2 - encrypting the data before sending it off to the backend, - AES-256 in CBC mode - decrypting the data after a successful request using the encryption key - managing the data reactively and globally using state management - being a single page application/UI - offering a mobile first design experience

Front end technologies

  • Vue.js 3
  • Vuex
  • VeeValidate for dynamic and easier form handling & validation
  • Asynchronous HTTP requests with Axios
  • aes-js
  • pbkdf2
  • SCSS

Back end

The back end has the following responsibilities:

  • user authentication
  • additional 100000 iterations of PBKDF2 on the authentication hash
  • handling CRUD operations on the entities in a RESTful manner
  • complete secrecy regarding the entities; the back end entities comprise only of a field called "data" and respective keys. the data field is fully encrypted from the front end.
  • offering storage
  • acting as an API on a subdomain and actively handling CORS and CSRF
  • UUID strategy for the primary keys of all the entities

Back end technologies

  • Symfony 5.3.6
  • PHP 8.0
  • MySQL 8.0

Other technical details

This project runs completely on Docker, be it the back end, front end, server hosting(NGINX) & database. Docker Compose is used for orchestration.

Security schema

Item mobile

Explanation of the security model:

The user registers using a master password, which is firstly hashed into an encryption key using the unique email address as a salt. The master password is then used to create an authentication hash using the encryption key as a salt; the authentication hash is the value that gets sent to the back end for it to be hashed again using a randomly generated salt, and which will eventually be the value the user authenticates against.

The vault and every other data inside gets encrypted with the mentioned encryption key before doing any operation and sending to the backend. On successful requests the vault will then be decrypted by the front end.

Contributing & Getting started

If you want to get involved please refer to the contributors' documentation.

License

GPLv3

Comments (0)

Please login to join the discussion on this project.

vaults Reviews (0)

Overall Rating

None

based on 0 ratings

Please login to review this project.

No reviews for this project yet.

↑ back to top

pCloud Lifetime

Popular Projects

FluxBB

in Social Networks and Forums
 33k    0    0    0  

Nextcloud

in File Transfer & Synchronization
 20k    1    1    0  

Libreddit

in Social Networks and Forums
 7k    0    1    0  

Dashboard

in Personal Dashboards
 6k    0    0    0  

Audiobookshelf

in Audio Streaming
 5k    0    1    0  

CasaOS

in Self-hosting Solutions
 5k    0    0    0  

Mediagoblin

in Photo and Video Galleries
 4k    0    0    0  

Most Discussed

Nextcloud

in File Transfer & Synchronization
 20k    1    1    0  

Tube Archivist

in Automation
 3k    0    1    0  

OneDev

in Project Management
 2k    0    0    0  

iodine

in Proxy
 2k    0    0    0  

Alf.io

in Booking and Scheduling
 2k    0    0    0  

sysPass

in Password Managers
 1k    0    0    0  

Misskey

in Social Networks and Forums
 2k    0    0    0  
Linux VPS from $11/yr.
RackNerd VPS for $11.38/mo

Top Rated Projects

Gitea

 1 rating
in Project Management

Bagisto

 1 rating
in E-commerce

LinkAce

 1 rating
in Bookmarks and Link Sharing

Pydio

 1 rating
in File Transfer & Synchronization

Audiobookshelf

 1 rating
in Audio Streaming

Nextcloud

 1 rating
in File Transfer & Synchronization

Seafile

 1 rating
in File Transfer & Synchronization

Categories

You May Also Be Interested In

Passbolt logo
Passbolt cover

Passbolt

Password manager dedicated for managing passwords in a coll…

Shaark logo
Shaark cover

Shaark

All in one platform for your links, stories, passwords and …

keeweb logo
keeweb cover

keeweb

This webapp is a browser and desktop password manager compa…