Personal Password Manager
- Tool Created by: Zeeshan Ali
π Table of Contents
Overview
PassWord Manager is a command-line application that lets you securely store and manage your passwords and private notes in an encrypted local vault. Each user account is protected by a master password, and all vault data is saved to an encrypted .dat file on disk β unreadable without the application.
It also ships with a suite of standalone security tools: a Caesar cipher encryptor/decryptor, a password strength analyser, a strong password generator, a text case converter, vault statistics, and a common password leak checker.
Features
ποΈ Vault Management
- Add Password Entries β store a platform name, username/email, password, and website URL
- Add Secure Notes β store freeform private text (PINs, keys, etc.)
- View Entries (masked) β see entry details with password hidden behind asterisks
- Reveal Entries β decrypt and display the full password after re-entering your master password
- Delete Entries β remove individual vault items
- Search Vault β find entries by title or username keyword
- Clear Entire Vault β wipe all entries after master password confirmation
- Delete Account β permanently remove your account and all associated data
π€ Account System
- Sign Up β create an account with name, email, and a master password (min. 6 characters)
- Log In β authenticate with email + master password
- Change Master Password β update your master password from the dashboard
- Persistent Storage β all data is saved to
vault_data/vault.dat and reloaded on next run
π οΈ Tools
| Tool | Description |
|---|
| Caesar Cipher | Encrypt or decrypt any text using a Caesar shift (key 1β26) combined with Base64 encoding |
| Password Strength Checker | Score a password on 6 criteria with actionable improvement tips |
| Password Generator | Generate up to 3 strong passwords with configurable length (8β64) and character sets |
| Text Case Converter | Convert text to UPPERCASE, lowercase, Title Case, camelCase, snake_case, kebab-case, or reverse it |
| Vault Stats Report | View a breakdown of your vault β total entries, password health scores, and weak password names |
| Leak / Common Password Check | Flag passwords found in a list of the most commonly leaked credentials |
Project Structure
.
βββ Main.java # Entry point, menus, and all user interaction logic
β
βββ vault_data/
β βββ vault.dat # Encrypted vault file (auto-created on first run)
β
βββ (all classes in Main.java)
βββ InputValidator # Email, URL, password, and range validation
βββ FileEncryption # XOR + SHA-256 + Base64 file-level encryption
βββ StorageManager # Read/write users and vault entries to disk
βββ VaultEntry # Abstract base class for vault items
βββ PasswordEntry # Stores a password entry (title, username, URL, encrypted password)
βββ NoteEntry # Stores a secure note (title, content)
βββ CipherEngine # Caesar cipher + Base64 encrypt/decrypt (implements Encryptable)
βββ PasswordStrengthChecker # Scores passwords and gives improvement tips
βββ PasswordGenerator # Generates random strong passwords
βββ PasswordLeakChecker # Checks against a list of common leaked passwords
βββ TextCaseConverter # Converts text between 7 case/format styles
βββ VaultStatsReport # Prints vault health statistics
βββ User # User model with vault management methods
βββ AuthManager # Handles sign-up, login, account deletion, and persistence
Getting Started
Prerequisites
- Java 8 or higher installed on your machine
- A terminal / command prompt
Compile
javac Main.java
Run
java Main
The application will create a vault_data/ directory automatically on first run and load (or create) the encrypted vault file.
Usage Guide
First Launch
On first launch, two demo accounts are seeded automatically (see Demo Accounts). You can log in with one of them or sign up with your own account.
Navigation
The app has three menu levels:
Auth Menu
βββ Landing Menu
βββ Dashboard (Vault)
β βββ Add Password Entry
β βββ Add Secure Note
β βββ View Entry (masked)
β βββ Reveal Entry (requires master password)
β βββ Delete Entry
β βββ Search Vault
β βββ Change Master Password
β βββ Clear Entire Vault
β βββ Delete My Account
βββ Tools
βββ Encrypt / Decrypt Text
βββ Check Password Strength
βββ Generate Strong Password
βββ Text Case Converter
βββ Vault Stats Report
βββ Leak / Common Password Check
Adding a Password Entry
- From the Dashboard, choose 1. Add Password Entry
- Enter the platform name (e.g.
Gmail)
- Enter your username or email
- Enter your password β a strength report and leak check are shown immediately
- Enter the full website URL (must start with
http:// or https://)
The password is encrypted using Caesar cipher + Base64 before being stored in the vault.
Revealing a Password
- Choose 4. Reveal Entry (decrypt + auth)
- Select the entry number
- Enter your master password to confirm
- The decrypted password is displayed
Using the Caesar Cipher Tool
- Go to Tools β 1. Encrypt / Decrypt Text
- Choose Encrypt or Decrypt
- Enter a key between 1 and 26 β remember this key, you need it to decrypt
- Enter your text
The tool applies a Caesar shift first, then encodes the result in Base64 for the final ciphertext.
Security Architecture
Password Storage (Vault Entries)
Passwords saved in the vault are encrypted with a Caesar cipher + Base64 scheme using a fixed internal shift key of 7. This keeps passwords unreadable in the vault list but is not cryptographically strong β see the disclaimer below.
File Encryption (vault.dat)
The vault file on disk is protected by a two-layer scheme:
- SHA-256 key derivation from a hardcoded passphrase (
P@ssW0rd_V@ult_S3cr3t_K3y_2025!)
- XOR transform applied byte-by-byte over the JSON data
- Base64 encoding of the result
This makes the file unreadable as plain text, but the key is embedded in the source code.
Master Password
Master passwords are stored and compared in plain text (no hashing). This means the vault file, if decrypted, would expose them.
Class Reference
| Class / Interface | Role |
|---|
Manageable | Interface requiring display() and getSummary() |
Encryptable | Interface requiring encrypt() and decrypt() methods |
InputValidator | Static helpers for validating email, URL, master password, and integer ranges |
FileEncryption | XOR + SHA-256 + Base64 encryption/decryption for the vault file |
StorageManager | Serialises/deserialises User objects to/from vault.dat using hand-rolled JSON |
VaultEntry | Abstract base for PasswordEntry and NoteEntry; holds title, username, createdAt |
PasswordEntry | Concrete vault item for credentials; stores an encrypted password and URL |
NoteEntry | Concrete vault item for freeform secure notes |
CipherEngine | Caesar cipher (letters + digits) with Base64 wrapping; implements Encryptable |
PasswordStrengthChecker | Scores passwords across 6 dimensions and returns a formatted ASCII report |
PasswordGenerator | Builds random passwords from configurable character pools with guaranteed diversity |
PasswordLeakChecker | Compares against a 30-entry list of the most common leaked passwords |
TextCaseConverter | Converts strings to 7 different case/format styles |
VaultStatsReport | Aggregates and prints vault entry counts and password health breakdown |
User | Holds user profile, master password, and vault; provides add/delete/search/list methods |
AuthManager | Manages the user list, handles sign-up/login flow, and triggers persistence |
Main | Application entry point; owns the menu loops and calls all feature methods |
Demo Accounts
Two demo accounts are seeded automatically on first run (if no vault file exists):
| Name | Email | Master Password | Vault Contents |
|---|
| Zeeshan Ali | zeeshan@gmail.com | zeeshan7822 | Gmail, Facebook, GitHub, Instagram passwords + 2 secure notes |
| Muhammad Hassan | hassan@gmail.com | hassan123 | Instagram, LinkedIn passwords + 1 secure note |
Note: These accounts are for testing only. Delete them or clear their vaults before using the app for real credentials.
Limitations & Disclaimer
β οΈ This project is for educational purposes.
- The Caesar cipher used for password storage is not cryptographically secure. A production password manager should use AES-256 or similar.
- The master password is stored and compared in plain text β no hashing (e.g. bcrypt/Argon2) is applied.
- The file encryption key is hardcoded in source code β anyone with access to the source can decrypt the vault file.
- There is no clipboard integration β passwords must be read from the terminal.
- All data is stored locally only β there is no sync or backup mechanism.
This project demonstrates core OOP concepts in Java including inheritance, interfaces, polymorphism, encapsulation, file I/O, and input validation.
*Made with β and Java by Zeeshan Ali *