NOWPASS is an Open Source password manager. It's divided into multiple projects, from the REST Api server, over the browser extensions to the desktop and command line clients
There are multiple ways to use NOWPASS:
You can just register on this website and than use https://nowpass.org as API server. Just download the Chromium / Google Chrome extension (also works in Vivaldi and Opera) and the other NOWPASS applications you want to use (like the Desktop application or the Python command line client)
Set up your own NOWPASS server locally or on a server. Check out the GitHub repository for more information.
Clear text passwords are never transmitted to the API server (or anywhere else) or stored anywhere. NOWPASS is using AES-CBC-256 encryption to protect your passwords, secure notes etc..
If you enter a wrong passphrase you don't get a warning, the clear text is just going to be garbage. This is because NOWPASS encrypts every item separately. So you could even use different pass phrases for different elements.
NOWPASS includes only trusted, reliable tools that the developers feel comfortable using on our own projects.
By default, email verification is neither required for signup, nor for when an existing user changes their email address from their account page.
To use Mailgun, you'll need to sign up for an account. (While this is a paid service at higher usage levels, you should be able to use Mailgun as much as you need to in development without having to provide any credit card information.)
After you've created an account, you'll need to add your Mailgun domain and API secret to your custom
config. (In development, this will be either in
config/custom.js, or in a
local.js file you add to your
config/ folder. For your staging or production
deployment, you'll want to set these using system environment variables -- aka "config variables" in
If you already own a domain for your app, you can follow Mailgun's instructions for configuring a sending domain.
Otherwise, to send emails from this app without configuring a sending domain, you can use the sandbox domain & test API secret that comes with your Mailgun account. Just be sure to configure the authorized recipents for your sandbox domain first, or there will be errors from the endpoints that attempt to send emails.