SecPwdMan is a cross-platform, open-source password manager that stores all your passwords securely encrypted with a single master password. It is designed for privacy, security, and usability, supporting advanced cryptography, and modern desktop features.
- Features
- Screenshot
- Installation
- Usage
- Configuration
- Security
- Testing
- Build & Development
- Dependencies
- Contributing
- License
- Encryption: AES/GCM (256-bit) or ChaCha20-Poly1305 (256-bit)
- Key Derivation: Argon2 (recommended), scrypt or PBKDF2
- Password Strength Measurement: Integrated zxcvbn4j
- Random Password Generator: Customizable, supports custom characters
- Automatic Lock: Locks after inactivity
- Deflate Compression: For password file storage
- Secure File Deletion: Shreds exported files
- Screenshot Protection: Prevents screen capture on Windows
- Cross-Platform: Linux, Mac, Windows
- Modern UI: Built with Eclipse SWT
- Import/Export: CSV support
- Configurable Table & Dialog Fonts
- Theming: Dark mode
- Unit & Integration Tests: Comprehensive test coverage
- Secure Native Memory: All sensitive data (passwords, keys) are handled using off-heap native memory (Java Foreign Memory API) via the
SecureMemoryutility, ensuring automatic zeroing and minimizing heap exposure.
- Java 25 (GraalVM recommended for native image)
- Gradle 8.14+
- Git
git clone https://github.com/seerainer/SecPwdMan.git
cd SecPwdMan./gradlew build
./gradlew run./gradlew nativeCompile
./build/native/nativeCompile/SecPwdMan./gradlew run- Add, edit and delete password entries
- Organize passwords in groups
- Generate strong random passwords
- Import/export as CSV
- Change master password and key derivation settings
- Lock/unlock the application
- You can pass a password file as an argument to open it directly:
./gradlew run --args='my-passwords.json'
- All configuration and log files are stored in your home directory
- Settings include:
- Key derivation function (Argon2, scrypt, PBKDF2)
- Encryption algorithm (AES, ChaCha20)
- Auto-lock timeout
- Table and dialog font
- Window size and position
- Encryption: All passwords are encrypted with a strong symmetric cipher
- Key Derivation: Uses Argon2, scrypt or PBKDF2 for master password transformation
- SecureRandom: Cryptographically secure random number generation
- Screenshot Protection: Prevents screen capture on Windows
- Secure File Deletion: Shreds exported files to prevent recovery
- Password Strength: Integrated zxcvbn4j for strength feedback
- No Cloud Storage: All data is local; no remote sync
- Unit Tests:
- Run with:
./gradlew unitTest
- Run with:
- Integration Tests:
- Run with:
./gradlew integrationTest
- Run with:
- All Tests:
- Run with:
./gradlew allTests
- Run with:
- Test Reports:
- See
build/reports/tests/
- See
./gradlew build— Compile and package./gradlew run— Run the application./gradlew nativeCompile— Build native image (GraalVM)./gradlew unitTest— Run unit tests./gradlew integrationTest— Run integration tests
SecPwdMan/
├── src/
│ ├── main/java/io/github/seerainer/secpwdman/ # Source code
│ ├── main/resources/ # Resource files
│ ├── test/java/io/github/seerainer/secpwdman/ # Test code
│ ├── test/resources/ # Test resources
├── build.gradle # Build configuration
├── README.md # This file
├── CHANGELOG.md # Changelog
- slf4j — Logging
- zxcvbn4j — Password strength
- nanojson — JSON parsing
- password4j — Argon2
- Eclipse/SWT — GUI
- JUnit 5 — Testing
- AssertJ — Fluent assertions
Contributions are welcome! Please:
- Open issues for bugs, feature requests or questions
- Fork the repository and submit pull requests
SecPwdMan is licensed under the GNU General Public License v3.0. See LICENSE.txt for details.