Secure Password Manager with Advanced Generation
Ashy Pass is a modern, secure password manager built with GTK4 and libadwaita, designed for GNOME desktop environments. It provides military-grade encryption, intelligent password generation, seamless vault management with automatic session locking, and cloud backup via Google Drive.
- Military-grade encryption with Argon2 key derivation and Fernet (AES-256)
- Automatic session locking after 30 seconds of inactivity
- Secure password generation using Python's cryptographically secure
secretsmodule - Master password protection with PBKDF2 hashing
- Zero-knowledge architecture - your master password never leaves your device
- Strong passwords with configurable length (8-64 characters) and character sets
- Passphrases using EFF wordlist (3-10 words with customizable separators)
- PIN codes for numeric-only requirements (4-12 digits)
- Quick generation directly in vault dialogs with preset options:
- Strong Password (16 chars, all types)
- Passphrase (4 words)
- PIN Code (6 digits)
- Custom... (full generator dialog)
- Real-time strength indicator with visual feedback (Weak, Medium, Strong, Very Strong)
- Encrypted storage for passwords, usernames, URLs, and notes
- Automatic favicon fetching and caching for visual identification
- Search functionality to quickly find stored credentials
- One-click password copying to clipboard with security timeout
- In-vault password generator with dropdown menu integration
- Google Drive integration with OAuth 2.0 authentication
- Automatic encrypted backups to your Google Drive
- Manual backup on demand via Settings
- Secure token storage with automatic refresh
- User-specific backups in dedicated folder
- CSV import from Google Chrome, Firefox, and other password managers
- CSV export compatible with Google Chrome password manager
- Bulk password migration with automatic field mapping
- Backup to local files for offline storage
- Modern GNOME design following libadwaita guidelines
- Responsive layout adapting to window size
- Dark mode support with automatic theme switching
- Intuitive navigation with view switcher
- Toast notifications for user feedback
- Multi-language support with gettext internationalization
- OS: Linux with GTK 4.0 support
- Python: 3.10 or higher
- Memory: 256 MB RAM
- Storage: 50 MB available space
- Desktop: GNOME 43+ or compatible environment
- Display: 1280x720 resolution or higher
- Internet: For Google Drive backup and favicon fetching
# Arch Linux / Manjaro
sudo pacman -U ashypass-*.pkg.tar.zst# Clone the repository
git clone https://github.com/big-comm/ashypass.git
cd ashypass
# Install dependencies
pip install -r requirements.txt
# Run the application
python3 main.py- Launch Ashy Pass from your application menu
- Navigate to the Vault tab
- Create a strong master password (minimum 8 characters)
- Confirm your master password
Quick Generation:
- Go to the Generator tab
- Select type: Password, Passphrase, or PIN
- Adjust options as needed
- Click Copy to Clipboard or Generate New
In-Vault Generation:
- Click the + button in the Vault toolbar
- Click the generation button (⚡) next to the password field
- Choose from preset options:
- Strong Password - 16 characters with all character types
- Passphrase - 4 words separated by hyphens
- PIN Code - 6-digit numeric code
- Custom... - Opens full generator with all options
- Add: Click the + button, fill in details, and save
- Edit: Click the edit icon on any entry
- Copy: Click the copy icon to copy password to clipboard
- Delete: Click the trash icon and confirm deletion
- Search: Use the search bar to filter entries by title, username, or URL
- Favicons: Automatically fetched from URLs for visual identification
Setup:
- Click the Settings icon (⚙️) in the toolbar
- Go to Cloud Backup tab
- Click Sign in with Google
- Authorize Ashy Pass in your browser
- Your encrypted vault will automatically backup
Manual Backup:
- Open Settings → Cloud Backup
- Click Backup Now
- Encrypted database uploaded to Google Drive
Note: All backups are encrypted with your master password. Google cannot access your passwords.
Import from CSV:
- Open Settings → Import/Export
- Click the import icon
- Select your CSV file (from Chrome, Firefox, etc.)
- Passwords are automatically added to your vault
Export to CSV:
- Open Settings → Import/Export
- Click the export icon
- Choose save location
- File can be imported to Google Chrome:
chrome://password-manager/settings
CSV Format (Google Chrome compatible):
name,url,username,password,note
GitHub,https://github.com,user@email.com,MySecurePass123,Development account- Use a strong master password (16+ characters with mixed case, numbers, symbols)
- Enable Google Drive backup for disaster recovery
- Regularly export backups to external storage
- Never share your master password with anyone
- Keep your system and Ashy Pass updated
Configuration file: ~/.config/ashypass/config.json
{
"session_timeout": 30,
"auto_lock": true,
"clipboard_timeout": 45,
"default_password_length": 16,
"theme": "auto"
}Data directory: ~/.local/share/ashypass/
passwords.db- Encrypted password databasetoken.pickle- Google Drive authentication tokenfavicons/- Cached website icons
Ashy Pass follows a three-layer architecture:
ashypass/
├── core/ # Business logic and security
│ ├── auth.py # Session management
│ ├── database.py # Encrypted storage (Argon2 + Fernet)
│ ├── generator.py # Password generation
│ ├── backup_service.py # Google Drive integration
│ ├── csv_handler.py # Import/Export functionality
│ ├── client_secrets.py # OAuth credentials
│ └── config.py # Application settings
├── ui/ # GTK4/libadwaita interface
│ ├── window.py # Main application window
│ ├── generator_view.py # Generator interface
│ ├── vault_view.py # Vault interface
│ └── settings_dialog.py # Settings and preferences
└── utils/ # Utilities
├── clipboard.py # Clipboard operations
└── i18n.py # Internationalization (gettext)
Security Flow:
- Master password → Argon2 KDF → Encryption key
- Passwords → Fernet encryption → SQLite database
- Decryption → Session verification → Display
- Google Drive → Encrypted database upload → Secure cloud storage
Google Drive Integration:
- OAuth 2.0 authentication with
openid,drive.file,userinfo.emailscopes - Encrypted database backups in "AshyPass Backups" folder
- Automatic token refresh for seamless access
- No access to passwords by Google (zero-knowledge)
# Install development dependencies
pip install -r requirements-dev.txt
# Run in development mode
python3 main.py# Extract translatable strings
xgettext --language=Python --keyword=_ --output=locale/ashypass.pot *.py ui/*.py core/*.py utils/*.py
# Compile translations
msgfmt locale/pt_BR/LC_MESSAGES/ashypass.po -o locale/pt_BR/LC_MESSAGES/ashypass.mo- Follow PEP 8 guidelines
- Use type hints for function signatures
- Document classes and methods with docstrings
- Keep functions focused and testable
- Use
_()function for all user-facing strings (i18n)
Contributions are welcome! Please follow these guidelines:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- EFF Wordlist for passphrase generation
- GNOME Team for GTK4 and libadwaita
- Python Cryptography library for encryption primitives
- Google Drive API for cloud backup functionality
Built with ❤️ for the GNOME community