sysPass – Systems Password Manager


PHP web based Password Manager for business and personal use.

  •  AES-256 encryption in CTR mode
  •  RSA for sending passwords from forms
  •  Two factor authentication
  •  HTML5 and Ajax interface
  •  Users, groups and profiles management with up to 29 access levels
  •  MySQL, OpenLDAP and Active Directory authentication
  •  Tags, custom fields, public links, private accounts, favorites, history, etc.
  •  Activity notifications by email and in-app, and event log
  •  Multilanguage


sysPass permissions are set in users’ profile. By default only accounts searching can be done.

There are 29 permission types:

  • Accounts
    • Create – allows to create new accounts
    • View – allows to view the accounts’ details [1]
    • View Password – allows to view the accounts’ password [1]
    • Edit – allows to modify the accounts and its files [1]
    • Edit Password – allows to modify the accounts’ password [1]
    • Delete – allows to delete accounts [1]
    • Files – allows to view account’s files
    • Share Link – allows to create public links
    • Private – allows to create private accounts
    • Private for Group – allows to create private accounts only accessible by the account’s main group
    • Permissions – allows to view and modify the accounts’ permissions [1]
    • Global Search – allows to perform a searching in all the accounts except in the private ones [2]
  • Management
    • Users – allows full access to the users management [3]
    • Groups – allows full access to the user groups management
    • Profiles – allows full access to the user profiles management
    • Categories – allows full access to categories management
    • Clients – allows full access to clients management
    • Custom Fields – allows full access to custom fields management
    • API Authorizations – allows full access to API authorizations management
    • Public Links – allows full access to the public links management
    • Accounts – allows full access to accounts management
    • Files- allows full access to files management
    • Tags – allows full access to the tags management
  • Configuration
    • General – allows full access to the site, accounts, wiki, ldap and email configuration
    • Encryption – allows full access to the master password configuration
    • Backup – allows full access to perform backups [4]
    • Import – allows full access to import XML and CSV files
  • Others
    • Event Log – allows full access to the event log

Installation instructions and documentation at Doc

This software is published under GNU GPLv3 license. For details about that, there is a copy on ‘COPYING’ file.

Though it would be preferable to ask or report issues through GitHub’s website, you can reach me out by email (eg. CVEs, contribution, etc.): nuxsmin[a_t]syspass[d_o_t]org

CrossC2 – Generate CobaltStrike’s Cross-Platform Payload

Previous article

Lockdoor-Framework: A PenTesting Framework With Cyber Security Resources

Next article

You may also like


Leave a reply

Your email address will not be published. Required fields are marked *

More in Security