Deprecated - learning project
LibrePass
An open-source password manager with end-to-end encryption, zero-knowledge architecture, and multi-device sync.
Overview
LibrePass combines strong security with practical user experience.
- End-to-end encryption with client-side cryptography
- Zero-knowledge architecture
- Multi-device sync with Kotlin/Spring backend
- Native clients with modern UI
Architecture
Clients
Android, desktop, and web clients handle crypto locally. Keys never leave the device.
Backend
Kotlin + Spring Boot handles accounts, sessions, and vault storage. Dockerized with CI/CD.
Data Model
Vault items encrypted with authenticated encryption. Minimized metadata to reduce leakage.
Security
Argon2id for password derivation, AES-256-GCM for encryption. Per-item nonces.
Key Features
Encrypted Vaults
Secure passwords and notes with device-level encryption
Zero-Knowledge Sync
Server never sees plaintext - only encrypted blobs stored
Offline-First Sync
Works offline with conflict-aware synchronization
Easy Deployment
Dockerized backend for simple self-hosting