Back

PasswordSentinel's Security Policy

Disclaimer: Use at Your Own Risk

PasswordSentinel is a locally-run, open-source tool designed for personal use. Since this web application operates only on your device, PasswordSentinel cannot guarantee the security of your data beyond local storage. By using this tool, you accept full responsibility for any risks associated with its usage. PasswordSentinel is provided "as is," with no warranty or liability for data loss, breaches, or misuse.

Key Security Features

AES-GCM 256-bit Encryption

We use industry-standard encryption to secure your data, ensuring it remains unreadable even if intercepted.

Local Storage Only

Your data never leaves your device, providing an additional layer of security and privacy.

Secure Key Generation

We use the Web Crypto API to generate cryptographically secure keys for your data.

Zero-Knowledge Architecture

We have no access to your passwords or encryption keys, ensuring complete privacy.

User Responsibilities

To enhance your security while using PasswordSentinel, please follow these best practices:

  • Use a strong, unique master password
  • Keep your device secure and up-to-date
  • Regularly update your passwords and security settings
  • Be cautious of phishing attempts and suspicious links

Continuous Improvement

While we aim to improve security where feasible, please note that this is a community-driven project:

  • Regular security audits and penetration testing are not conducted
  • We strive to stay informed of the latest security best practices
  • Vulnerabilities, when reported, are addressed transparently
  • Transparent communication about security updates and changes

Open Source

This project is open-source and relies on community support. While we strive to maintain best practices, please note:

  • No formal security audits or penetration testing are conducted
  • We encourage users to review and suggest security improvements
  • Issues can be reported, but users should exercise caution as official support is limited
  • Updates and changes are communicated transparently through the open-source community

Security FAQs

  • Is my data stored on your servers? No, all data is stored locally on your device, and does not store or transmit any data to external servers.
  • What happens in the event of a security issue? Since PasswordSentinel is an open-source project and locally operated, there is no dedicated support team for handling breaches. Use this tool at your discretion.
  • Can I request a security audit? As this is a community-supported project, no formal security audits are conducted. However, the source code is openly available for review.