Password

Top 23 Password Open-Source Projects

  1. keepassxc

    KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.

    Project mention: Passkey marketing is lying to you (it's simple) | news.ycombinator.com | 2025-01-04

    Oof, I found a whole ton of anti-open-source-software quotes on the related Github issue https://github.com/keepassxreboot/keepassxc/issues/10406 :

    > When required, the authenticator must perform user verification (PIN, biometric, or some other unlock mechanism). If this is not possible, the authenticator should not handle the request.

    > [A passkey provider certification process] is currently being defined and is almost complete.

    > This implementation is not spec compliant and has the potential to be blocked by relying parties.

    > Then you should require its use when passkeys are enabled ... [You may be blocked because] you have a passkey provider that is known to not be spec compliant.

    > I suspect we'll see [biometrics] required by regulation in some geo-regions.

    > I see a lot of misinformation and incorrect guesses about the intentions of various parties in the recent threads. If it would be helpful, I'm willing to have a [private, non-public] call with interested parties to try and answer some of the questions that have been raised to ensure we have a common technical understanding of FIDO/WebAuthn.

    I felt reasonably positive about Passkeys while writing this blog post, but continuing to read the spec authors' insistence that only Big Tech may handle these problems is extremely worrying. I really want to like this feature, but the authors are acting like complete jerks and driving me away.

  2. CodeRabbit

    CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

    CodeRabbit logo
  3. hashcat

    World's fastest and most advanced password recovery utility

    Project mention: Build An Advanced Password Cracker With Python (Complete Guide) | dev.to | 2024-10-07

    Download Hashcat from the official website.

  4. SuperTokens Community

    Open source alternative to Auth0 / Firebase Auth / AWS Cognito

    Project mention: Auth Pricing Wars: Cognito vs Auth0 vs Firebase vs Supabase | dev.to | 2024-12-19

    For B2C, Supabase will get you most of the way for small to medium MAU applications. You might need additional services for analytics and monitoring. If you are building a boom-or-bust B2C company (ex. social media platform, video game, media publication) you should consider using an open-source self-hosted solution like SuperTokens.

  5. KeeWeb

    Free cross-platform password manager compatible with KeePass

    Project mention: Bitwarden SDK relicensed from proprietary to GPLv3 | news.ycombinator.com | 2024-10-24

    It is actually sort of how I used it as well, though through nextcloud. It did still remain a hassle. It also requires all different apps to be maintained and equally safe.

    Keeweb for example has not had an active maintainer since 2022 https://github.com/keeweb/keeweb/issues/2022

  6. john

    John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

    Project mention: It Started as Fun, Turned Into a Calling... | dev.to | 2024-10-08

    My quest to crack this Wi-Fi password led me deep into the world of network security. I learned about tools like aircrack-ng and John the Ripper. I discovered the concept of packet capture and the vulnerabilities of WPS-protected networks. But more importantly, this journey led me to a revelation that would change everything: Android was built on the Linux kernel.

  7. Probable-Wordlists

    Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

  8. staticrypt

    Password protect a static HTML page, decrypted in-browser in JS with no dependency. No server logic needed.

    Project mention: Password protect a static HTML page, decrypted in-browser in JavaScript | news.ycombinator.com | 2024-08-30

    Especially with 600k PDBKF2 iterations, 16 alphanum chars should be very safe.

    There's a (warning: very detailed) issue covering the topic of PBKDF2 iterations and password length over here, if you feel like diving into that rabbit hole: https://github.com/robinmoisson/staticrypt/issues/159

  9. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  10. MacPass

    A native macOS KeePass client

  11. lesspass

    :key: stateless open source password manager

    Project mention: LessPass: Generates passwords offline based on a login, a master pass, and a url | news.ycombinator.com | 2024-02-25
  12. Passbolt

    Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!

  13. cupp

    Common User Passwords Profiler (CUPP)

  14. h8mail

    Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

  15. SecretScanner

    :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

  16. passport-local

    Username and password authentication strategy for Passport and Node.js.

  17. PasswordPusher

    🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

    Project mention: Password Pusher: Securely share sensitive information with automatic expiration | news.ycombinator.com | 2024-10-09
  18. huge

    Simple user-authentication solution, embedded into a small framework.

  19. node-argon2

    Node.js bindings for Argon2 hashing algorithm

  20. awesome-iam

    👤 Identity and Access Management knowledge for cloud platforms

  21. mentalist

    Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.

  22. PassGAN

    A Deep Learning Approach for Password Guessing (https://arxiv.org/abs/1709.00440)

  23. bkcrack

    Crack legacy zip encryption with Biham and Kocher's known plaintext attack.

    Project mention: Cracking an old ZIP file to help open source the ANC's "Vula" secret crypto code | news.ycombinator.com | 2024-09-07

    The author kindly modified bkcrack based on Tim's fuzzy recollection of what he thought he might have chosen for the password: https://github.com/kimci86/bkcrack/pull/56 and https://github.com/kimci86/bkcrack/pull/126. However, I ran out of time to work on this part and it seemed more important to get the actual code running.

    Also, in the course of things I discovered that Tim used PKZIP inside the BASIC code using a password that used non-printing characters.

  24. accounts

    Fullstack authentication and accounts-management for Javascript.

  25. bruteforce-database

    Bruteforce database

  26. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Password discussion

Log in or Post with

Password related posts

  • Show HN: I built an open source computer-use SDK enabling agents to authenticate

    3 projects | news.ycombinator.com | 19 Jan 2025
  • I built an open source computer-use SDK enabling agents to authenticate securely

    3 projects | news.ycombinator.com | 19 Jan 2025
  • Passkey technology is elegant, but it's most definitely not usable security

    4 projects | news.ycombinator.com | 30 Dec 2024
  • A Tour of WebAuthn – Adam Langley

    2 projects | news.ycombinator.com | 26 Dec 2024
  • Keydex v0.4.0 – A KeePass Terminal Password Manager

    1 project | news.ycombinator.com | 26 Dec 2024
  • Operational PGP

    2 projects | news.ycombinator.com | 24 Dec 2024
  • Password Composition Policies Are Bad and Here's Why

    3 projects | dev.to | 22 Dec 2024
  • A note from our sponsor - CodeRabbit
    coderabbit.ai | 7 Feb 2025
    Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR. Learn more →

Index

What are some of the best open-source Password projects? This list will help you:

# Project Stars
1 keepassxc 22,094
2 hashcat 21,887
3 SuperTokens Community 13,768
4 KeeWeb 12,429
5 john 10,751
6 Probable-Wordlists 8,745
7 staticrypt 7,249
8 MacPass 6,773
9 lesspass 5,793
10 Passbolt 4,840
11 cupp 4,503
12 h8mail 4,178
13 SecretScanner 3,157
14 passport-local 2,746
15 PasswordPusher 2,204
16 huge 2,137
17 node-argon2 1,931
18 awesome-iam 1,859
19 mentalist 1,831
20 PassGAN 1,778
21 bkcrack 1,756
22 accounts 1,504
23 bruteforce-database 1,484

Sponsored
CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai