PoWDer

Zero-knowledge password manager

Username

Master Password

Authenticator Code

Your vault is encrypted locally. We never see your password.

How does it work?

Forgot password? Use recovery key

PoWDer

New Entry

Type

Login Note

Name

Username

Password

URL

Title

Notes

How PoWDer Protects Your Data

Zero-Knowledge Architecture

Your Master Password never leaves your device. The server only receives a cryptographic hash that cannot be reversed to obtain your password.

End-to-End Encryption

All your passwords and notes are encrypted with AES-256-GCM before being sent to the server. Only you can decrypt them with your Master Password.

Key Derivation

Your Master Password is processed through Argon2id, a memory-hard algorithm that makes brute-force attacks extremely slow and expensive.

What the Server Stores

Your username
A cryptographic salt (random data)
A hash for authentication (not your password)
Your encrypted vault (unreadable without your password)

What the Server Never Sees

Your Master Password
Your decrypted passwords
Your decrypted notes

Even if the server is compromised, your data remains encrypted and secure.

PoWDer Help

Keyboard Shortcuts

`/`	Focus search
`?`	Open this help
`Esc`	Close modal / menu

Security

Your vault is encrypted with AES-256-GCM
The server never sees your master password
Auto-lock after the session duration (configurable in Security settings: 1h / 4h / 8h)
Session is cleared on page refresh or lock

Backup

Use Export to create an encrypted backup of your vault. The export is protected by a separate password you choose during export.

Export Vault

Encryption Password

Confirm Password

Your export will be encrypted with this password. Keep it safe - you'll need it to import.

Import Vault

Decryption Password

Enter the password used when exporting. Leave empty if the file is not encrypted.

Recovery Key

Generate a 24-word recovery phrase. If you forget your master password, these words are the only way to recover your vault.

Write these words down and store them safely offline. They will not be shown again.

Once you close this dialog, the words cannot be retrieved.

Recover Account

Username

Recovery Phrase (24 words)

New Master Password

Confirm New Password

Change Master Password

New Password

Confirm New Password

All vault entries will be re-encrypted with your new password. Other sessions will be logged out.

Setup Two-Factor Authentication

Scan this QR code with your authenticator app (Google Authenticator, Authy, etc.):

TOTP QR Code

Or enter this secret manually:

Enter the 6-digit code from your app to confirm:

Enter a code from your authenticator app to disable 2FA:

Authenticator Code

Approve Login

Scan this QR code with your PoWDer Companion app to approve the login:

Challenge QR Code

Or enter this code manually in the companion app:

Waiting for approval...

Register Device

Scan this QR code with the PoWDer Companion app on your phone to register it as a trusted device:

Registration QR Code

Waiting for device...

Trusted Devices

Security

Longer sessions are more convenient but keep your vault unlocked for longer if you walk away. The same value drives server-side session TTL and client-side auto-lock.

Session duration 1h — maximum security 4h — balanced 8h — convenience

Two-factor authentication

Devices: checking...

TOTP: checking...

Confirm your identity

Master Password

Authenticator Code

Challenge QR Code

PoWDer

v0.0.0

Since 2026

elmisi + AI