Skip to content
/ PetalVault-Android Public

Secure offline multi-vault password manager with QR code-based synchronization

License

GPL-3.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

F33RNI/PetalVault-Android

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

25 Commits
.github/workflows
.github/workflows
Β 
Β 
.idea
.idea
Β 
Β 
app
app
Β 
Β 
gradle
gradle
Β 
Β 
.gitignore
.gitignore
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
README_RU.md
README_RU.md
Β 
Β 
build.gradle
build.gradle
Β 
Β 
gradle.properties
gradle.properties
Β 
Β 
gradlew
gradlew
Β 
Β 
gradlew.bat
gradlew.bat
Β 
Β 
settings.gradle
settings.gradle
Β 
Β 

Repository files navigation

🌸 PetalVault-Android

Project logo

Secure offline multi-vault password manager with QR code-based synchronization

Project banner

GitHub Actions Workflow Status GitHub Actions Workflow Status GitHub License

Русская вСрсия README PetalVault desktop version Download app

πŸ˜‹ Support Project

πŸ’œ Please support the project

  • BTC: bc1qaj2ef2jlrt2uafn4kc9cmscuu8yqkjkvxxr5zu

  • ETH: 0x284E6121362ea1C69528eDEdc309fC8b90fA5578

  • ZEC: t1Jb5tH61zcSTy2QyfsxftUEWHikdSYpPoz

  • Or by my music on πŸ”· bandcamp

  • Or message me if you would like to donate in other way πŸ’°

⚠️ Disclaimer

PetalVault is under development

Use at your own risk. The author of the repository is not responsible for any damage caused by the repository, the application, or its components

❓ Getting Started

PetalVault is a secure offline password manager with AES256 + Scrypt encryption, mnemonic phrase as the primary key, and offline synchronization using QR codes

PetalVault allows you to create multiple vaults on one device, each protected by different keys. For example, multiple people can use one device, or you can use separate vaults for different tasks

Each vault is securely encrypted with a master key derived from mnemonic phrase (12 words). You can scan or show this phrase using a QR code. Additionally, to simplify access to the vault, you can create your own master password. In this case, the mnemonic phrase will be encrypted with this password and stored in the vault. If you forget the master password, you can restore access to the vault by entering the mnemonic phrase

Each vault can be exported and imported using QR codes. You can also set up synchronization between two devices to sync only changes, not the entire vault. Synchronization can be performed in public places, as the data in QR codes is securely encrypted. Note that both devices must have the same mnemonic phrase since the synchronization key is also derived from it

πŸ“¦ Download and Installation

πŸ†• Creating or Importing a Vault

  1. First, create or import a vault. To do this, click on the + New or ↓ Import button
  2. Choose any name for your vault. You can rename it later
  3. Create a mnemonic phrase or choose a randomly generated one. Write this phrase down in a secure place because if you lose the master password, you can only restore access to the vault using this mnemonic phrase.
    • For import, scan the QR code of the mnemonic phrase from another device. Keep in mind that the phrase is in plain text, so during the scanning, no one should see the QR code
  4. Choose whether you want to save the mnemonic phrase encrypted with your master password. If your password is strong you can safely use the master password.
  5. Enter the master password twice. If they do not match, you will be prompted to enter it again
  6. Wait for the vault to be created. On weaker devices, this might not happen instantly
  7. For import, scan all QR codes from another device in sequence, after selecting export

πŸ” Adding Entries

  1. To add entries, click +. You have 4 fields available: website address (or name for which the password is used), username, password, and notes. The data in all fields are encrypted, so you can store sensitive data in any of them
    • To add an entry, you must fill in the site and/or username fields. PetalVault also automatically generates a strong password that you can use for this entry
    • All 4 fields have a copy to clipboard function. To do this, click the button to the left of the field
    • The password field is hidden by default. To show the text, click the πŸ‘οΈ button on the right
  2. Confirm by clicking the βœ”οΈ Done button

✏️ Editing and Deleting Entries

  • To edit and copy data of each entry, click on the text in the list. You can change any field
  • To delete an entry, click on the πŸ—‘οΈ button at the top of the editing dialog and confirm the deletion

πŸ”„ Synchronization and Export

  1. Click the Sync button and select Sync to. Choose an existing device or create a new one. This is necessary to sync only the changes in the future, not the entire vault
  2. On the other device, select Sync from and scan the QR codes
  3. If the mnemonic phrases do not match (the master password, unlike the mnemonic phrase, can differ), an error will occur because the synchronization data is encrypted
  4. During the first synchronization, especially if there are many entries, there may be several QR codes. Scan them all sequentially. If you missed a QR code, you can scan it later, as the order of scanning does not matter
  • To export the vault to a new device (without creating a device), click the Sync button and select Export. On the other device, click Import / Sync from and scan all the QR codes

⚠️ For synchronization/import/export, the mnemonic phrase on both devices must be the same. However, the master password, unlike the mnemonic phrase, can differ

πŸ“ Editing and Deleting the Vault

  • You can rename the vault. To do this, click the ✏️ button at the top of the dialog and enter a new name
  • To delete the vault, click the πŸ—‘οΈ button at the top of the dialog and confirm the deletion

⚠️ For security reasons, the vault can only be deleted after it is decrypted

πŸ—οΈ Build from Source

# Install JDK 17
$ sudo apt-get install openjdk-17-jdk
$ javac -version
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
javac 17.0.11

# Clone repo
$ git clone https://github.com/F33RNI/PetalVault-Android.git
$ cd PetalVault-Android

# Install unzip tool
$ sudo apt-get install unzip

# Download SDK manager (CLI version) <https://developer.android.com/studio>
$ wget https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip
$ mkdir sdk && unzip -d sdk commandlinetools-*.zip

# Download Gradle
$ wget https://services.gradle.org/distributions/gradle-4.1-all.zip
$ unzip gradle-*.zip

# Set env variables
$ export ANDROID_HOME=$PWD/sdk
$ export GRADLE_HOME=$PWD/gradle-4.1/bin
$ export PATH=$PATH:$GRADLE_HOME:$ANDROID_HOME/platform-tools:$ANDROID_HOME/cmdline-tools:$ANDROID_HOME/cmdline-tools/bin:$ANDROID_HOME/build-tools/34.0.0

# Update if possible
$ sdkmanager --sdk_root="./sdk" --update

# Install tools (run sdkmanager --sdk_root="./sdk" --list to show available tools and their versions)
$ sdkmanager --sdk_root="./sdk" "build-tools;34.0.0" "platform-tools" "platforms;android-34"

# Finally, build Debug version
# APKs will be in ./app/build/outputs/apk/debug/
$ ./gradlew assembleDebug --stacktrace

# Build release version
# APKs will be in ./app/build/outputs/apk/release/
$ ./gradlew assembleRelease --stacktrace

# Build bundle
# AABs will be in ./app/build/outputs/bundle/release/
$ ./gradlew bundleRelease --stacktrace

✨ Contribution

  • Anyone can contribute! Just create a pull request

About

Secure offline multi-vault password manager with QR code-based synchronization

Topics

android synchronization offline password-generator password-manager qrcode password qr-code apk secure passwords qr password-store mnemonic master-password mnemonic-phrase

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

Beta 1.1.0 Latest
Jun 23, 2024
+ 1 release

Packages

No packages published

Languages