Password Manager

PasswdSafe is a port of the Password Safe (https://pwsafe.org/) application to Android. YubiKey NEO tokens are supported for two-factor authentication. File passwords can be saved on devices with a fingerprint scanner and Android 6.0 or higher. Please maintain a known-good backup in case bugs exist

This app provides a highly customizable and secure way to generate passwords for all your needs. It’s lightweight, user-friendly, and ensures maximum security without compromising ease of use.

With Privacy Friendly Password Generator you can generate different passwords for all your accounts while remembering only one master password. Detailed information about generating passwords can be found at the app's help page or at https://secuso.org/pfa. The app belongs to the Privacy Friendly Apps group developed by the research group SECUSO. More information can be found an https://secuso.org/pfa In case you wish to generate a password for a user account, you can add this account to Privacy Friendly Password Generator. Therefore, you only have to enter which characters (lower-case letters, upper-case letters, numbers, special characters) you would like the password to consist of and how long it should be. The account are arranged in a list. To generate a password, click on the account and enter your master password. The master password is a password made up by you and it guides all other passwords. Like the other passwords it is not stored in the application. So if you wish you can write it down and keep it in a safe place. Finally, Privacy Friendly Password Generator displays the password which has been generated for you account. This password can be re-generated any time. In case you wish to find out how Privacy Friendly Password Generator generates the passwords, have a look at https://secuso.org/pfa How does Privacy Friendly Password Generator differ from other similar apps? 1. No permissions Privacy Friendly Password Generator does not require any permissions. For comparison: The Top Ten of similar apps from the Google Play Store requires an average of 3,4 permissions (in November 2016). These are for instance the location permission or the permissions to access, modify or delete storage. 2. Protection of passwords Privacy Friendly Password Generator does not store any generated password, nor does it store the master password. For the generation of password a stateless algorithm is used. This means that the passwords only exist during the generation and are not stored in the program after the application has been closed. Additionally, the app prevents devices from taking screenshots. 3. No advertisement Moreover, Privacy Friendly Password Generator distinguishes from many other applications in the way that it completely relinquishes advertisements. Advertisement might track a user's actions. It could also shorten battery life or use mobile data. You can reach us via Bluesky - @secusoresearch.bsky.social https://bsky.app/profile/secusoresearch.bsky.social Mastodon - @SECUSO_Research@bawü.social https://xn--baw-joa.social/@SECUSO_Research/ Job opening - https://secuso.aifb.kit.edu/english/Job_Offers.php

Password Master is open source app for generating, managing and storing passwords in a secure encrypted database. Generate secure passwords using cryptographically secure pseudo-random number generator. You are given options to choose which characters your password should contain or you can choose your set of a custom symbols. Generating, managing and storing passwords with Password Master is fast and easy, just check options and hit a button to generate password and store it in an encrypted database. Features: * Create password groups with icons * Generate and store password with an icon, name, url, user name or a note * Simply choose which characters your password should contain * Passwords are generated by cryptographically secure pseudo-random number generator * No internet and storage permission required, your passwords are never stored anywhere * Generates passwords with 1 - 999 characters * Use custom symbols which password should contain * Use your own seed to generate passwords * Shows password strength and bits of entropy * Automatically clears clipboard * Does not require any permission * Light and dark app themes * App is Open Source * No Ads

This app seamlessly integrates with Have I Been Pwned? to help you verify whether your passwords have been compromised in any publicly disclosed data breaches. Your passwords stay private and are never shared anywhere. Features: - Fully open source - Material design 3 & Material You - Supports both light and dark theme - No ads - No collection of personal data

Simple password manager that is compatible with pass: Passwords are stored in simple text files which are encrypted with OpenPGP. Features: Clone an existing pass repository or start a new one Create and organize password files Sync with a remote Git repository Decrypt and copy passwords Automatically fill and save credentials in apps and supported browsers Supports time-based one-time passwords (TOTP) for two-step authentication

PasswordMaker Pro creates unique, secure passwords that are very easy for you to retrieve but no one else. Nothing is stored anywhere, anytime, so there's nothing to be hacked, lost, or stolen. See https://passwordmaker.org/ for details.

A Materiel 3 Password Manager. Import your CSV Passwords and your passwords are getting imported. You can copy usernames and passwords. You can access the app via biometric authentication or by entering your master password.

Store passwords, payment cards notes, ID cards and identities offline and safe, synchronized between all of your devices. Features: Security - All your information is encrypted in AES and stored offline on your devices, providing highest-tier security.Synchronization - Share data between separate devices within seconds.2FA codes - Keep your 2FA codes safe and sound in offline storage.Entry sharing – Send entries to your friends and family.Biometrics - Quickly unlock the app using your fingerprint.Multipurpose - Store passwords, payment cards, notes, id cards and identities, all in one place.Autofill - Quickly fill fields in apps and websites without having to open the app.Browser extension - Use autofill and add new entries on the fly right from your browser. (See https://github.com/GlitterWare/Passy-Browser-Extension)Passy Cloud - Support this free project and get secure, automatic online synchronization in return. (disabled by default - base app and manual QR-powered sync remain free forever) Official website Permissions: Internet - needed for synchronization, happens locally, with direct connection between devices.External storage - needed for backups/exporting.Biometric - needed for biometric authentication as an alternative to login with master password.Camera - needed for scanning QR codes for easy synchronization.

Double-spending is no longer a theoretical possibility but a practical reality. Most of the end-user applications used widely today leave their users vulnerable to being defrauded via double-spend attacks. PayNoWay is a tool that you can use to test the applications that you, or your business, depend on to accept on-chain cryptocurrency payments. Features: - Send payment transactions with the same UX flow as other wallet applications. - Easily broadcast double-spend transaction after a payment is sent, to return the funds to the internal wallet address. - Fetch current network fee rate, or set a custom value. - Optionally set automatic broadcasting of double-spend transactions. - Control what happens to the payment transaction output - "Drop it" or "Replace with dust". - By default double-spend transactions are broadcast to several web services simultaneously to improve chances of confirmation. - Bitcoin mainnet and testnet networks - Several address types - Legacy (p2pkh), SegWit backwards compatible, SegWit (bech32). - Transaction history view where you can re-broadcast any past transaction, copy to clipboard any transaction as raw hexadecimal, or update any locally stored transaction by fetching it from the configured web service. - Statistics dashboard (Payments vs. Double-spends) which shows total number of transactions as well as their total values. Optionally reset the dashboard at any time. Disclaimers: - This app is intended to be used for testing and educational purposes. - Please do not use this app to double-spend against merchants without their explicit consent. - A successful double-spend is not guaranteed - use at your own risk. - You are responsible for creating a backup of your private key(s). Without a backup, if you delete the app or lose your device, your funds will be permanently lost. Permissions: - Camera, flashlight - To scan QR codes that contain an on-chain addresses, payment requests, and optionally a private key (WIF) during configuration. - Access network state - For detecting if the device is offline. This helps provide feedback to you, the user, in case of temporary loss of network connectivity. - Internet - To query web service APIs to broadcast transactions, fetch minimum relay fee rate, fetch transaction history and unspent transaction outputs.

About Welcome to the most intelligent password evaluator app 'Pazzword'. It analyzes passwords using the open source library 'nbvcxz', a Java adaptation of 'zxcvbn' by Dropbox. In comparison to other password evaluator tools this secure and flexible tool uses algorithms for pattern matching and conservative estimation to give you the best results currently possible. It recognizes and weighs 30.000 common passwords, common names & surnames, most english words and common patterns like dates, repeats, sequences, keyboard patterns and l33t speak. For more information visit https://github.com/dropbox/zxcvbn. Features Analyzing entered passwords with the following feedback: a scoreentropycustom suggestionsfound patterns andestimated stability against cracking for the returned password. Accessing the 200 most common passwords of 2021 (source).

Store your codes and passwords encrypted on your device. You need your master password each time you want to access your saved codes/passwords. Your codes/passwords are encrypted with an AES 256 key generated with your master password. The key and the password will be deleted immediately if the app goes into background. So each time you switch back to the app you will have to enter your password again and the key will be generated to decrypt your data. AT NO TIME WILL YOUR DATA BE UPLOADED TO THE INTERNET OR USED FOR ANYTHING ELSE! Your data is stored encrypted on your device and will stay on your device.

Warns user about dangerous permissions given to installed apps Runs a periodic scan and warns users about dangerous permissions given. User can also add exceptions per app or for whole device. Also, app can launch android permissions page to revoke permissions from an app

Permission Summary is a lightweight, open source Android app that helps you quickly check which apps have access to sensitive permissions on your device — in just a few seconds.The app only lists user-installed apps and only those with dangerous permissions. These are permissions Android classifies as potentially privacy-invasive and require explicit runtime approval.Permissions Checked:Camera — Access to your device's cameraMicrophone — Record audioLocation — Fine & coarse location (GPS, Wi-Fi, etc.)Storage — Access to files, media, photos, or musicContacts — Read, write, or access contact data and accountsCalendar — Read or write calendar eventsPhone / Call Log — Read phone state, call logs, answer calls, etc.SMS — Send or receive SMS, MMS, and WAP push messagesBody Sensors — Access data from heart rate, step counter, etc.Non-dangerous permissions like INTERNET, POST_NOTIFICATIONS, and BLUETOOTH are intentionally excluded to reduce noise.Features:🔐 Grouped by Permission — Instantly see which apps request access to camera, mic, contacts, etc.🧼 User Apps Only — Filters out system apps and background clutter.🚫 Focus on Privacy — Shows only dangerous permissions and skips non-sensitive ones.📱 Modern UI — Built entirely with Jetpack Compose and Material 3.⚡ Fast & Lightweight — Optimized for quick, offline use. No trackers, no nonsense.Privacy: Everything runs locally on-device and offline. No personal data is collected or shared.

PhoneAccount Abuse Detector is a simple application to enumerate and detect any application that (ab)uses adding an indefinite amount of PhoneAccount(s) to Android's TelecomManager.What's the background of this? In short: malicious or even just improperly programmed applications can, intentionally or not, block your device from the ability to call emergency numbers. If you are in such a situation, this app helps you to find the culprit – which you then can uninstall (of disable).For details on the vulnerability, check the article by Mishaal Rahman here.

Encrypt your photos on your device and keep them safe from others. Photok is a free Photo-Safe. It stores your photos & videos encrypted on your device and hides them from others. It uses technologies like, AES-256 encryption standard or bcrypt, to keep your photos secure. Photok is completely free, open source, and runs no ads. Features * import photos and videosfrom your gallery * fully functional in app gallery * export photos back to your gallery * change your password * create and Restore backups * share to Photok * hide app icon * recovery menu Benefits * hide your sensitive photos from others * protect your photos from data theft Photok on GitHub: https://github.com/leonlatsch/Photok Icons made by Google, Freepik and ultimatearm from www.flaticon.com

Pijaret is just another rotation encryption tool. WARNING: THIS IS A TOYCRYPTER! DO NOT USE FOR SERIOUS PURPOSE! The main purpose is to create a small encryption tool to make services like Whatsapp or Telegram a >bit< more secure. The system is easy to understand. You share a numeric key with your partner in real life and en/de-crypt some important messages with it. (In case you don't go outside you can just tormail your chat partner or stuff).

Features a passive jammer technique that engages the microphone thereby blocking other apps from using it. But does NOT listen to or record any of the audio from the microphone. It uses 0% CPU and no noticeable battery use. However is not intended to be left on permanently due to the variety of triggers that can cause audio_focus_state changes (VOIP etc). Also features an active jammer that emits tones constrained to the NUHF range of 18 kHz to 24 kHz range. User determined carrier frequency and drift limits with rate for random tone emissions depending on the device capabilities. For instance 20000 Hz carrier, drift limit 1000 Hz and rate slow - will output random frequency between 19 kHz and 21 kHz approximately every second. Audible artifacts are present during the NUHF tones but this may be changed in a future release. Experimental white noise output may not be very effective at blocking and is a somewhat annoying sound. The device speaker output may not have enough amplitude to block unwanted NUHF signals - testing will determine. * Manual start * Notification post when running * Auto stop and restart when telephony interrupts * Currently relies on audio_focus_state changes for auto-switching * Active jammer

Have a secret that you want to share? Why not hide it in a picture? With PixelKnot, only your friends with the secret password can unlock your special message. Everyone else just sees a pretty picture. It’s a fun and easy way to share hidden messages without anyone knowing. Take those pixels, twist them in a knot, and see for yourself! ★ DISGUISE YOUR MESSAGES: Pictures are public, the text is hidden inside. Even a trained eye will think the image is unedited. It’s security through obscurity! ★ FOR YOUR EYES ONLY: Put a password on the secret message to make sure that no one can read it except the person it’s meant for. ★ EASY IMAGE CHOOSER: You can use the camera to take photos, or just use photos you’ve already taken. ★ INVISIBLE CHANGES: Even a trained analyst analyst shouldn’t be able to detect any message. The image bytes should seem undistorted. ★ SHARE ACROSS PLATFORMS: Want to share the images over email, file sharing tools (like Dropbox & Sparkleshare), social media (like Google+ & Flickr) or directly through Bluetooth or NFC? Not a problem! The messages are still recoverable on the other side. We'll have even more tools (like Facebook) working soon, so stay tuned! ★ AD-FREE: We want your love, not your money. ★ MATHEMATICALLY SECURE: We use the F5 steganography algorithm which implements matrix encoding to improve the efficiency of embedding and employs permutative straddling to uniformly spread out the changes over the whole steganogram. ★ ATTACK RESISTANT: We’ve launched attacks on images with messages hidden in them using a specialized version of stegdetect, an automated tool for detecting steganographic content in images. In most cases, the pictures have been impervious to attack. We will be including detection in an upcoming version of the application so you can easily test it yourself! Don’t see your language? Join us and help translate the app: https://hosted.weblate.org/projects/guardianproject/pixelknot https://hosted.weblate.org/projects/guardianproject/pixelknot-metadata ***Learn More*** ★ ABOUT US: Guardian Project is a group of developers that make secure mobile apps and open-source code for a better tomorrow. ★ OUR WEBSITE: https://GuardianProject.info. ★ ON TWITTER: https://twitter.com/guardianproject ★ OPEN-SOURCE: PixelKnot is free software. You can take a look at our source code, or join the community to help make it even better: https://github.com/guardianproject/pixelknot ★ MESSAGE US: Are we missing your favorite feature? Found an annoying bug? Please tell us! We’d love to hear from you. Send us an email: support@guardianproject.info ***Disclaimer*** The Guardian Project makes apps that are designed to protect your security and anonymity. The protocols that we use are widely regarded as the state of the art in security technology. While we are constantly upgrading our software to combat the latest threats and eliminate bugs, no technology is 100% foolproof. For maximum security and anonymity users must utilize best practices to keep themselves safe.

Immediately lock your phone if someone snatches it from your hand. It pings the accelerometer in the background and will lock the phone if the sum of all non-gravitational forces ever exceeds the threshold. Note that uninstallation is currently not obvious - you first need to deactivate, in Android's Settings -> Security - Device Administrators. Until you do this, uninstallation will fail.

Lock your phone when snatched. An updated and improved derivative of PluckLock. This polls the accelerometer in the background and will lock the phone if the sum of all non-gravitational forces ever exceeds the threshold. PluckLockEx loads immediately into its preferences page, where you can set the only preference relevant to the app's operation: the threshold at which the phone will lock when it receives an acceleration jolt. The application will run in the background, constantly monitoring the accelerometer to determine if the phone has been taken from your hand. The app will start itself when you boot your phone.

A handy systems and security-focused tool, Port Authority is a very fast port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts.One of the fastest port scanners with host discovery on the market! Host discovery is typically performed in 3 seconds. If the device you’re scanning drops packets, it takes less than 10 seconds to scan 1000 ports. If the device you’re scanning rejects packets, it takes about ~30 seconds seconds to scan all 65,535 ports!Port Authority has no ads and will never have ads. It requires extremely limited permissions since it only needs to interact with your network. The internals are designed to take advantage of today’s modern phones with multiple cores to ensure you can scan your network as fast as possible.

A basic port knocker client. Also includes a widget and the ability to choose an application to launch after knocking.

Privacy Flip automatically manages your device's privacy features based on screen lock/unlock state. When you lock your device, it can disable Wi-Fi, Bluetooth, mobile data, location services, NFC, and even camera/microphone sensors. When you unlock, it intelligently restores the features you want back on. Works with Root OR Shizuku - Choose your preferred privilege method! Features: • Manage your device privacy based on lock/unlock state • Dual privilege support: Root OR Shizuku (no root required!) • Automatic privilege detection (Sui > Root > Shizuku) • Configurable feature control (Wi-Fi, Bluetooth, Mobile Data, Location, NFC, Camera, Microphone, Airplane Mode, Battery Saver) • Customizable timing delays (0-60 seconds granular, 2 minutes, or 5 minutes) • Smart "only if unused/not connected" modes for WiFi, Bluetooth, Location • App exemption system (skip privacy for specific foreground apps) • Samsung NFC payment override detection with opt-in auto-retry • Optional Accessibility Service for side button instant-lock support • Advanced multi-tier Bluetooth connection detection • Background service for persistent monitoring • Quick Settings tile integration Privacy Features Controlled: • Wi-Fi - Disable/enable wireless connectivity • Bluetooth - Control Bluetooth radio • Mobile data - Manage cellular data connection • Location services - Control GPS and location tracking • NFC - Control NFC sensor • Camera - Disable/enable camera sensor privacy (Android 12+) • Microphone - Disable/enable microphone sensor privacy (Android 12+) • Airplane Mode - Enable on lock (opt-in, disables all radios at once) • Battery Saver - Enable on lock (opt-in, reduces background activity) Note: Camera and microphone ignore custom delays and trigger immediately (if not in use to avoid interrupting calls), due to Android limitations Requirements: • Android 7.0+ (API level 24) • Android 12+ (API level 31) for camera/microphone features Choose your privilege method: Option 1: Shizuku (No root required!) • Shizuku app installed and running • ADB privileges via USB or wireless debugging • Perfect for non-rooted devices Option 2: Root Access (Recommended for rooted devices) • Root access via Magisk, SuperSU, or similar • Best performance with UID 0 privileges Option 3: Dhizuku (Device Owner method) • Device set as Device Owner or Profile Owner • No root required, no ADB after setup • Persistent privileges across reboots • Perfect for enterprise/privacy-focused setups Option 4: Sui (Best of both worlds) • Rooted device with Magisk • Sui Magisk module installed • Best user experience - automatic startup, no prompts Privacy & Security: • Zero telemetry - No data sent to external servers • Local storage only - All settings stored on device • No network permissions - App cannot access internet • Open source - https://github.com/dorumrr/privacyFlip