How It Works
Understanding the secure setup and encryption process
1️⃣ Initial Setup
After signing in, you'll need to generate your encryption keys. These keys are the foundation of your password security. You'll create a master password that encrypts these keys - make sure to remember this password and save your keys in a secure location.
2️⃣ Key Storage
Your encryption keys are stored in an encrypted file, protected by your master password. This two-layer approach means that even if someone gets access to your encrypted file, they can't access your passwords without your master password.
3️⃣ Password Management
When you save a password, it's encrypted using your keys before being stored locally. When you need to access a password, the extension first decrypts your keys using your master password, then uses those keys to decrypt your stored passwords.
Why This Approach?
🔐 True Zero-Knowledge
Your master password never leaves your device. Even we can't access your passwords or encryption keys.
💾 Local-First Security
All encryption and decryption happens locally on your device. Your sensitive data never travels over the network unencrypted.
🔄 Key Recovery
By saving your encrypted keys file, you can recover access to your passwords even if you need to reinstall the extension - as long as you remember your master password.
Important: Your master password is crucial for accessing your passwords. If you lose it, there's no way to recover your stored passwords.
Technical Features
Understanding the security and technology behind MePassword
Seamless Browser Integration
Experience password management that works for you with smart auto-detection, quick autofill, and instant form recognition - all with a single click while maintaining security.
- Smart form detection & instant autofill
- Quick access in < 1 second
- Auto-lock for enhanced security
- Automatic credential detection
- One-click save & update
Windows Hello Integration
Secure your encryption keys with Windows Hello's advanced biometric authentication, leveraging your device's TPM for maximum security.
- Hardware-backed security using Windows TPM 2.0
- Seamless biometric authentication
- Secure key storage in Windows Credential Manager
- Zero-knowledge encryption of master keys
- Automatic key unlocking with biometrics
Military-Grade Encryption
Hybrid RSA-4096 and AES-256-GCM encryption ensuring your passwords remain secure with both asymmetric and symmetric encryption.
- RSA-4096 asymmetric encryption for key exchange
- AES-256-GCM authenticated encryption for data
- Secure key derivation with high entropy
- Perfect forward secrecy with unique IVs
- Quantum-resistant key lengths
Zero-Knowledge Architecture
True zero-knowledge security where even we can't access your passwords. Your data remains encrypted with keys that only you control through Clerk authentication and local device security.
- Multi-layer encryption with Clerk authentication
- Encrypted keys stored only on your device
- Servers store only encrypted data
- Protected against server breaches
- No backdoors or password recovery
Advanced Key & Password Security
Generate and manage cryptographically secure keys and passwords using industry-standard algorithms and secure storage practices.
- RSA-4096 for key generation
- Local secure key storage with TPM
- Hardware-backed encryption
- Quantum-resistant key lengths
- Customizable password rules
Secure Backup & Recovery
Keep your passwords safe with encrypted local backups. Your data never leaves your device unencrypted, ensuring complete privacy even during backup and recovery.
- End-to-end encrypted backups
- Offline-first backup storage
- Local device recovery keys
- Multiple backup locations
- Secure key restoration
Open Source
MePassword is fully committed to transparency and security. Our web application is completely open source, allowing you to inspect and verify the code yourself. For the browser extension, we maintain a controlled contribution process - simply submit a request for review, and I'll personally ensure all changes align with our security standards.
Version Comparison
| Feature | Hosted | Self-Deployed |
|---|---|---|
| Password Management | ✓ | ✓ |
| Browser Extension | ✓ | ✓ |
| Windows Hello Integration | ✓ | ✓ |
| Zero-Knowledge Encryption | ✓ | ✓ |
| Secure Key Generation | ✓ | ✓ |
| Local Backup & Recovery | ✓ | ✓ |
| Email-based Key Sharing | ✓ | × |
| Token Rotation | ✓ | × |
| Self-hosted Infrastructure | × | ✓ |
| Web Development knowledge | × | ✓ |
Self Deployment Options
You have the flexibility to either use our pre-built backend solution or create your own custom implementation. Detailed instructions for both approaches are available in our README file, making it easy to get started with your preferred setup.