Powered by Flutter
A lightweight, open-source, and password manager and TOTP authenticator. Ethercrypt allows you to securely store credentials and generate 2FA codes in a single application. It supports multiple storage backends, including local encrypted files and cloud-based providers, giving you flexible access across devices.
- Android
- Windows
- Linux
- Local Storage - Encrypted files stored directly on the device
- Cloud Firestore - Encrypted data stored online as documents in Google Cloud Firestore. Requires a Firebase project setup.
- [Planned] Google Drive
- [Planned] OneDrive
- [Planned] Dropbox
- Local-first encrypted storage - Store all data securely on your device using encrypted files.
- Multiple storage providers - Choose where your data is stored.
- Cross-device access - Access the same encrypted storage from different devices via the selected provider.
- Built-in TOTP authenticator - Generate and manage 2FA codes without external apps.
- Password generator - Create secure passwords with configurable length.
- Cloud management tools - Upload, download, and delete remote storage entries when using supported providers.
- Optional time synchronisation - NTP time synchronization over a server can be configured to increase local TOTP generation accuracy.
Ethercrypt follows a zero-knowledge approach where the master password is never stored or transmitted. Important: As a result, if the password is lost, access to encrypted data cannot be recovered, as no recovery mechanism exists by design.
- Key derivation: PBKDF2 with per-storage random salt and increased iteration count (v2.1.0+)
- Encryption: AES-256 in CBC mode with a unique IV per encryption
- Integrity protection: HMAC verification to detect tampering
- Secure credential handling: Sensitive authentication data is stored locally using Flutter Secure Storage when required for online backends.