2 unstable releases

new 0.2.0	Dec 18, 2025
0.1.0	Dec 16, 2025

#2160 in Cryptography

Apache-2.0

89KB
1.5K SLoC

Askrypt

Password manager without master password

Status

⚠️Askrypt is under active development and has not undergone extensive security testing. Use at your own risk.⚠️

Overview

Askrypt is a secure password/secret manager that does not require a master password. Secrets are encrypted by a key derived from user-specific data using PBKDF2 with HMAC-SHA256. The user-specific data is a set of answers to personal questions known only to the user.

Performance

PBKDF2 is intentionally slow to prevent brute-force and dictionary attacks. The iteration count can be adjusted to balance security and performance. Default iteration count in Askrypt is set to 600,000.

Benchmarks on a typical system:

100,000 iterations: ~100ms
600,000 iterations: ~600ms
1,000,000 iterations: ~1000ms

References

https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html

License

This project is open source. See LICENSE file for details.

Dependencies

~45–68MB
~1M SLoC