Simple, secure password and data management for individuals and teams

Related tags

Security padloc
Overview

Padloc

Simple, secure password and data management for individuals and teams (formerly known as Padlock).

This repo is split into multiple packages:

Package Name Description
@padloc/core Core Logic
@padloc/app Web-based UI components
@padloc/server The Backend Server
@padloc/pwa The Web Client, a Progressive Web App built on top of the @padloc/app package
@padloc/locale Package containing translations and other localization-related things
@padloc/electron The Desktop App, built with Electron
@padloc/cordova Cordova project for building iOS and Android app.
@padloc/tauri (experimental) Cross-platform native app builder for Padloc, powered by Tauri

Getting Started

Step 0: Install Prerequisites

You'll need

Step 1: Clone the Repo

git clone https://github.com/padloc/padloc
cd padloc

Step 2: Install Dependencies

npm install

Step 3: Start Server and Web Client

PL_DATA_DIR=~/padloc-data \
PL_SERVER_PORT=3000 \
PL_PWA_PORT=8080 \
npm run start

For more configuration options, see Configuration

Scripts

Command Description
npm start Starts both backend server and web client.
npm run server:start Starts only backend server.
npm run pwa:start Starts only web client (You'll need to run npm run pwa:build first).
npm run pwa:build Builds the web client
npm run dev Starts backend server and client app in dev mode, which watches for changes in the source files and automatically rebuilds/restarts the corresponding components.
npm test Run tests.

Configuration

Environment Variable Default Description
PL_SERVER_PORT 3000 Which port to host the backend server on
PL_SERVER_URL http://0.0.0.0:$PL_SERVER_PORT Public URL that will resolve to the backend server. Used by clients to send requests.
PL_PWA_PORT 8080 Which port to host the web client on
PL_PWA_URL http://0.0.0.0:$PL_PWA_PORT Public URL that will resolve to the web client. Used by the server to generate links into the web client.
PL_PWA_DIR ./packages/pwa/dist Build directory for web client.
PL_DATA_DIR ./data Directory used by server for persistent data storage
PL_ATTACHMENTS_DIR ./attachments Directory used by server to store attachments
PL_LOGS_DIR ./logs Directory used by server to store logs
PL_EMAIL_USER - SMTP user for sending emails.
PL_EMAIL_SERVER - SMTP server for sending emails
PL_EMAIL_PORT - SMTP port for sending emails
PL_EMAIL_SECURE false SMTP use secured connection for sending emails
PL_EMAIL_PASSWORD - SMTP password for sending email
PL_REPORT_ERRORS - Email address used for reporting unexpected errors in the backend.

Security

For a security design overview, check out the security whitepaper.

Comments
  • Let (mobile) apps sync with custom server instance

    Let (mobile) apps sync with custom server instance

    Right now, Padlock is able to sync with cloud.padlock.io, which is great, however, I would love to be able to run my own instance of the server and let the (mobile) apps (iOS/Android/possible stand-alone application to be developed) sync with it instead of trusting a third party with my password/sensitive information.

    So there'd need to be a choice when setting up sync, i.e. entering a custom URL etc.

    opened by moritzheiber 32
  • [Feedback Wanted] Add instructions for hosting/running your own Padloc suite

    [Feedback Wanted] Add instructions for hosting/running your own Padloc suite

    I know you've confirmed with me off-list that the newer Padloc will have hosting instructions and instructions on how to build the mobile apps for using these custom instances (since the newer apps won't support custom instance for syncing anymore) added to their repositories.

    I'm opening this bug to track the efforts for these tasks, since as much as I love the new service(s) (and am I beta user myself) I won't use a centralized, managed service to sync my passwords.

    Padlock, in the past, has been a phenomenal tool for managing my passwords and secrets efficiently and I would love for Padloc to carry on this legacy.

    PS: Obviously, I'd rather love to have the official apps support custom servers, but right now there isn't any other choice I'm afraid

    opened by ghost 23
  • Hide all passwords on hover by default

    Hide all passwords on hover by default

    With Padlock 2.5.0, you can now individually set each password to either show or stay hidden on hover. But it's set to show by default. With 2.4.2 I had passwords hidden. After upgrading to 2.5.0 they are all shown by default. Changing them one by one is tedious, and there doesn't seem to be a global switch anymore.

    Is there, or can there, be a way to hide all passwords in bulk?

    opened by orentrutner 15
  • Biometric Authentication (Fingerprint, FaceID etc.)

    Biometric Authentication (Fingerprint, FaceID etc.)

    Common password managers support the unlocking of the vault using the iOS TouchID fingerprint identification framework.

    I will post more information to this issue about the implementation and possible ways in Polymer or cordova.

    enhancement 
    opened by dploeger 15
  • Having trouble in setting mongodb in development environment

    Having trouble in setting mongodb in development environment

    I simply added .env and tried to run command

    npm run start -- --env=file/to/path/.env
    
    but i am getting this as an exit code 
    http-server ${PL_PWA_DIR:-dist} -s -p ${PL_PWA_PORT:-8080} --proxy ${PL_PWA_URL:-http://0.0.0.0:${PL_PWA_PORT:-8080}}?
    

    i know that for running development environment i have to run:- npm run dev

    but by default it is connecting to leveldb even after i added .env and once i added .env i am trying to run :- npm run start -- --env=file/to/path/.env and again getting the same error

    i just need help and way to how to connect to mongodb in local environment and how to make .env work in local environment i am getting PL_DATA_STORAGE_BACKEND was set to 'mongodb', but no related configuration was found!

    Please help me with this.

    opened by PraveenDWappgo 14
  • Desktop app saves item with all fields empty

    Desktop app saves item with all fields empty

    When creating a new item, filling all fields, and saving, the desktop (Mac OS) saves the item with all fields empty.

    This doesn't happen all the time. It happens often (probably 40% of the time) and I haven't been able to identify any pattern on why/when this happens.

    Screen Shot 2020-01-09 at 8 30 33 AM
    opened by raphmim 14
  • Padlock is using a consistent amout of  CPU (5%) when idle under Linux

    Padlock is using a consistent amout of CPU (5%) when idle under Linux

    When Padlock is running, unlocked, under Linux, it appears to be using a consistent 5% of my CPU resources. I'm not sure what it's doing the whole time, but it sure shouldn't be doing anything that requires it to use 5% of my system's resources the whole time?

    Let me know if there's anything I can help with in terms of tracking this down.

    OS: Xubuntu Linux 18.04 Version: 2.7.2, custom server with auto-sync enabled

    opened by moritzheiber 14
  • [BUG] Failed to verify auth token

    [BUG] Failed to verify auth token

    Hello,

    When I try to login from a computer on my padloc (self hosted), I have the error "Failed to verify auth token".

    So, I enter my email, the system doesn't detect that it's an existing account... So I enter a "wrong" password, I confirm, and then padloc detect that my account exist. Thus, it ask me to connect (with my password).

    I receive this question ("trust this device ?"):
    image

    Then I have the error message:
    image

    Here is the console log: 188798737-c29ac54e-eb19-4739-a7ed-257a1e989203

    I don't have any error in back.

    How can I debug ? I see in the URL that "authToken" is defined... I supposed it's not the correct one, but don't know how to fix that xD

    Small information: date and hour of my computer and my server are the same.

    opened by detobel36 13
  • Joining Organisations

    Joining Organisations

    Hi there,

    Issue: Confirmation Dialogue box never appears when accepting an invite to join a team.

    I believe that this is related to using a self-signed certificate.

    I am not exposing the site to the wider web.

    I am able to sign-in, create vault items, create teams/ orgs but unable to accept the invite for teams.

    Time: 2022-01-11T15:04:26.058Z 
    Error Code: unknown_error: 
    Error Message: Failed to register a ServiceWorker for scope ('https://padloc.holbrookacademy.org/') with script ('https://padloc.holbrookacademy.org/sw.js'): An SSL certificate error occurred when fetching the script.
    
    Time: 2022-01-11T16:33:28.543Z 
    Error Code: unknown_error: 
    Error Message: Failed to register a ServiceWorker for scope ('https://padloc.holbrookacademy.org/') with script ('https://padloc.holbrookacademy.org/sw.js'): An SSL certificate error occurred when fetching the script.
    Stack Trace: 
    undefined 
    
    
    opened by SourSpoon 13
  • Cannot connect to custom server using OS X

    Cannot connect to custom server using OS X

    Similar issue to #87, however the following scenario is the case:

    • Padlock Cloud running and web interface can be reached from every device I own
    • Windows and iOS app connect to the custom padlock cloud server and data gets synchronized
    • OS X app throws an error saying "Failed to connect to Padlock Cloud..."

    There are no error logs to inspect, as far as I could see. Hard to troubleshoot this issue. Things I have tried:

    • Waiting 48 hours to see if DNS was an issue
    • Flush DNS cache
    • Reinstall Padlock Cloud
    • Change port and hostname of Padlock Cloud
    • cors set to true

    None of the above helped or solved the issue.

    opened by Malalicious 12
  • Use asymmetric encryption

    Use asymmetric encryption

    IDK if this is a real issue or not, but I was thinking about it this morning

    It seems like the architecture is that the DB file is symmetrically encrypted using the passphrase I choose and stored on the server to be synchronized with other devices

    That means if someone gets ahold of my database file somehow (e.g. back end server breach) they could relatively easily brute force or dictionary attack passwords on the file unless my passphrase was very complicated (and I doubt most people have complicated passphrases)

    Seems like padlock should be using public key encryption where each machine has its own key pair and the key pair has a passphrase-allows you to use different keyphrases on different machines as well. The only limitation of that approach is that a machine with access to the file has to be used to approve adding another device, because it would have to decrypt the file and re-encrypt with a new set of public keys

    LMK if I'm totally off base here (I'm hoping that I am)

    opened by moodysalem 12
  • PWA Webpack Potential Memory Leak/Large Memory Usage

    PWA Webpack Potential Memory Leak/Large Memory Usage

    Trying to use Padloc on a lower tier VM provided through Linode and running into some memory heap issues. I'm wondering if it's possible that there's a memory leak occurring during the Webpack bundling, or if potentially switching to something like generally faster than Webpack like Vite might help with memory usage?

    I wasn't able to find any benchmarks comparing memory usage between Vite and Webpack, but it seems strange that the PWA would require significant memory to be able to build. In the meantime, I'm upgrading my VM to try and get an idea of how much memory is needed, and might resort to bundling locally and then uploading to a lower tier VM.

    Update: a VM with 2GB was able to build successfully after 114804ms. That's better than I was expecting to be honest, but I'd still be curious if the required memory could be brought down a bit.

    > @padloc/[email protected] build
    > webpack
    
    
    <--- Last few GCs --->
    
    [9360:0x666b830]    69185 ms: Scavenge 477.4 (496.7) -> 476.3 (496.7) MB, 15.7 / 0.0 ms  (average mu = 0.695, current mu = 0.806) allocation failure 
    [9360:0x666b830]    69204 ms: Scavenge 477.8 (496.7) -> 477.0 (496.7) MB, 4.5 / 0.0 ms  (average mu = 0.695, current mu = 0.806) allocation failure 
    [9360:0x666b830]    69214 ms: Scavenge 478.3 (496.7) -> 476.6 (500.7) MB, 3.3 / 0.0 ms  (average mu = 0.695, current mu = 0.806) allocation failure 
    
    
    <--- JS stacktrace --->
    
    FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory
     1: 0xb06730 node::Abort() [webpack]
     2: 0xa1b6d0  [webpack]
     3: 0xce1e60 v8::Utils::ReportOOMFailure(v8::internal::Isolate*, char const*, bool) [webpack]
     4: 0xce2207 v8::internal::V8::FatalProcessOutOfMemory(v8::internal::Isolate*, char const*, bool) [webpack]
     5: 0xe99875  [webpack]
     6: 0xea953d v8::internal::Heap::CollectGarbage(v8::internal::AllocationSpace, v8::internal::GarbageCollectionReason, v8::GCCallbackFlags) [webpack]
     7: 0xeac23e v8::internal::Heap::AllocateRawWithRetryOrFailSlowPath(int, v8::internal::AllocationType, v8::internal::AllocationOrigin, v8::internal::AllocationAlignment) [webpack]
     8: 0xe6d77a v8::internal::Factory::NewFillerObject(int, bool, v8::internal::AllocationType, v8::internal::AllocationOrigin) [webpack]
     9: 0x11e64e6 v8::internal::Runtime_AllocateInYoungGeneration(int, unsigned long*, v8::internal::Isolate*) [webpack]
    10: 0x15da159  [webpack]
    Aborted
    

    With some direction, happy to investigate more; I don't have a good idea what next debugging steps might be. I might be able to submit a PR for migrating the PWA to Vite, but can't guarantee I'll have the time. Thanks!

    opened by arimgibson 6
  • chore: create preview environments on every PR

    chore: create preview environments on every PR

    This PR adds github workflows which will trigger uffizzi preview environments for PRs to this repo. A PoC has been created at this PR. Once this PR is merged, you should be able to see comments like these on PRs to this repo. These comments are created after a preview env has been deployed for the PR.

    fixes https://github.com/padloc/padloc/issues/613

    opened by waveywaves 14
  • Use padloc as a password manager on chrome

    Use padloc as a password manager on chrome

    Currently even after installing the padloc chrome extension, it doesn't show any option to use it as a password manager. This is something that's available on 1Password and turns out to be a great productivity boost.

    Screenshot 2022-10-14 at 9 02 25 AM under consideration 
    opened by tusharmath 5
  • Investigate increasing developer productivity with pull requests environments

    Investigate increasing developer productivity with pull requests environments

    I would like to make life easier for existing and new Padloc contributors including maintainers by implementing Uffizzi previews. Disclaimer: I work on Uffizzi Uffizzi is a Open Source full stack previews engine and is free for Padloc. This will provide newcomers with previews of their PRs in the cloud, allowing them iterate faster, without having to first set up a complete development environment themselves.

    TODO:

    • [ ] Intial POC
    opened by waveywaves 2
  • Update self-hosting documentation

    Update self-hosting documentation

    Barely any documentation has been updated to V4, there are no usable docker files, the docker-compose.yml is over a year old, and there aren't any particularly clear instructions on how to get up and running. As previously stated, the instructions that we do have at the moment are very outdated and I've had quite a bit of trouble trying to get myself a self-hosted instance.

    documentation 
    opened by Z4Y 13
Releases(v4.2.0)
Owner
Padloc
A modern, open source password manager.
Padloc
PassDrop is a fully-featured secure password management system, compatible with the free KeePass 1.x (Classic) and multi-platform KeePassX desktop applications.

passdrop This is a modern, updated build of Rudis Muiznieks's PassDrop application. PassDrop is a fully-featured secure password management system, co

Chad Austin 33 Sep 23, 2022
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Cossack Labs 1.6k Dec 30, 2022
Simple command line to generate random password.

pwgen Simple command line to generate random password. ➜ Bootstrap pwgen n5aR[[email protected]@fj ➜ Bootstrap pwgen 32 f0)th54[wpX.Zf99nj

Lakr Aream 2 Dec 19, 2022
Native and encrypted password manager for iOS and macOS.

Open Sesame Native and encrypted password manager for iOS and macOS. What is it? OpenSesame is a free and powerful password manager that lets you mana

OpenSesame 432 Jan 7, 2023
Password generator and strength tester

Password-Generator Password generator and strength tester Description This was a

null 5 Feb 1, 2022
Simple and secure hashing in Swift with the SipHash algorithm

SipHash ⚠️ WARNING This package has been obsoleted by the Hasher type and the Hashable.hash(into:) requirement introduced in Swift 4.2. Using this pac

null 262 Dec 19, 2022
Private Password Manager developped with Swift for iOS project.

Private Password Manager developped with Swift for iOS project. This manager can syncronize secret data to Azure Blob Storage. To specify user account, tSecret use Azure Active Directory authentication.

Manabu Tonosaki 0 Dec 3, 2021
A realistic password strength estimator.

.................................................bbb.................... .zzzzzzzzzz..xxx....xxx....cccccccc..vvv....vvv..bbb.........nnnnnnn.... ....

Dropbox 219 Sep 21, 2022
KeePassium is a KeePass-compatible password manager for iOS

KeePassium is a KeePass-compatible password manager for iOS. It offers automatic database synchronization, respect to privacy and premium user experience.

KeePassium 839 Jan 8, 2023
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift

CryptoSwift Crypto related functions and helpers for Swift implemented in Swift. (#PureSwift) Note: The master branch follows the latest currently rel

Marcin Krzyzanowski 9.4k Jan 5, 2023
The minimalistic, secure and open-source two-factor authentication app.

Einmal /ˈainmaːl/ German: once The minimalistic, secure and open-source two-factor authentication app. Features ♻️ Cross-platform — available on Andro

Incipher 75 Aug 21, 2022
Helps you define secure storages for your properties using Swift property wrappers.

?? Secure Property Storage Helps you define secure storages for your properties using Swift property wrappers. ?? Features All keys are hashed using S

Alex Rupérez 443 Jan 4, 2023
Valet lets you securely store data in the iOS, tvOS, or macOS Keychain without knowing a thing about how the Keychain works.

Valet Valet lets you securely store data in the iOS, tvOS, watchOS, or macOS Keychain without knowing a thing about how the Keychain works. It’s easy.

Square 3.8k Jan 4, 2023
To Practice UINavigationController, transition, ViewController Life Cycle, send data to different page, asset catalogs

LED Board Check Point ! StackView 여러개의 view 를 set 으로 만들어 주는 역활을 함 일정한 규칙에 따라서 stack view 안에 움직이는것임 이미지 넣기 프로젝트 내에 Assets 폴더 내에 Image Set 을 추가하여 1x, 2x

Jacob Ko 0 Dec 5, 2021
Conflict-free Replicated Data Types in Swift

CRDT An implementation of ∂-state based Conflict-free Replicated Data Types (CRDT) in the Swift language. Overview This library implements well-known

Joseph Heck 29 Dec 8, 2022
PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. PGPro is made in Switzerland.

PGPro can encrypt and decrypt messages as well as manage all your OpenPGP keys. It is free, simple and lightweight. Everything stays on your device. P

Luca Näf 250 Jan 4, 2023
Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.

KeychainAccess KeychainAccess is a simple Swift wrapper for Keychain that works on iOS and OS X. Makes using Keychain APIs extremely easy and much mor

Kishikawa Katsumi 7.2k Dec 30, 2022
A simple Swift Keychain Wrapper for iOS, watchOS, and OS X.

Latch A simple Swift 2.0 Keychain Wrapper for iOS, watchOS 2, and OS X. Usage A proper example of how to use Latch can be seen in the tests. import La

Danielle 56 Oct 25, 2022
Simple Objective-C wrapper for the keychain that works on Mac and iOS

SAMKeychain SAMKeychain is a simple wrapper for accessing accounts, getting passwords, setting passwords, and deleting passwords using the system Keyc

Sam Soffes 5.4k Dec 29, 2022