New on GitHub since: 1st of May 2024
PHP Password Manager with 100% Custom Fields and a built-in SQLite Database (author: Ron de Jong)
TinyPass Secrets have unlimited Custom Fields, supports mobiles and has many other fun features. Traditional Password Managers work with Fixed Fields that often causes unused and missing fields.
Installing TinyPass is also easy, no database server required or manual paths / URLs to specify. TinyPass simply stores a single database file "tinypass.db" making backups & restores also easy.
- Copy TinyPass to a web directory
- Configure your (Apache) Web Server
- Browse to https://your.ip/tinypass/
- Groups
- Multi User
- Simple Usage
- Search Engine
- Custom Fields
- Reorder Fields
- Clean Interface
- CSV Import/Export
- Built-in SQLite DB
- Password Encryption
Click to expand
New Secrets start with just a Name and an optional Group. Then add, change or remove just the Fields you need and rearrange their order as you wish.
Field Types:
URL - Link that also opens a browser
Mail - Email address (can be a Login)
Pass - Password Field (encrypted)
Text - General purpose text field
Note - Multi-line resizable textarea
Optionally, Secrets can be members of a "Group" selected from a list. The group selection field is editable and non-existent groups are automatically added to the user's groups, making group management easy.
Search within Secrets and Fields, optionally filtered by Group, so you can find your Secrets in an instant (SQL wildcards "_" and "%" are supported).
You can sort all columns in "Show Secrets", "Show Groups" and "Show Users" in ascending and descending order. Sorting the first "Id" column can be handy when you need to remove the last CSV import.
You can select multiple records in "Show Secrets", "Show Groups" and "Show Users" for deletion or CSV export.
By default there are two users named User: "admin" (role: "Admin") and User: "tiny" (role: "User"). Admins can also add, change, or delete users.
When an Admin deletes a user then all user-related Secrets and Groups are deleted. Admins cannot read other user Secrets and cannot delete users: "admin", "tiny".
When a user performs a Password Change, then all Password Fields are re-encrypted. TinyPass also has a Shell interface that enables automated Password Changes.
TinyPass supports CSV Import / Export (with automatic format recognition) and is compatible with more than 10 different password manager formats, including various browsers and other well-known formats.
The group filter is also useful here, allowing you to export only Secrets being a member of a certain Group for instance when using Groups as names of people for whom you keep Secrets.
Password fields are AES-256-CTR encrypted in the database with a SHA512 hash key of your user password (not written anywhere), so remember your password!
TinyPass is designed with performance in mind and also supports mobile screens.
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 (CC BY-NC-ND 4.0 LEGAL CODE)
| Login | Show Secrets |
|---|---|
 |
 |
| View Secret | Edit Secret |
|---|---|
 |
 |
| Login | Show Secrets | Show Secrets Menu |
|---|---|---|
 |
 |
 |
| View Secret | Edit Secret |
|---|---|
 |
 |
-
Web Server (Apache2)
-
PHP 7.4 or newer,
-
PHP extensions:
- standard
- tokenizer
- Core
- date
- openssl
- hash
- pcre
- mbstring
- Create a directory to copy TinyPass (e.g. "/var/www/html/tinypass")
sudo -u www-data mkdir -v "/var/www/html/tinypass";
or create dir automatically to a subdir of your real DocumentRoot as the user running Apache2
sudo -u "$(apachectl -S | grep "User" | awk -F"\"" '{ print $2 }')" mkdir -v "$(sudo apachectl -S | grep "DocumentRoot" | awk -F"\"" '{ print $2 }')tinypass";
- Copy TinyPass to your new directory (e.g. "/var/www/html/tinypass")
sudo -u www-data git clone https://github.com/ron-from-nl/TinyPass.git "/var/www/html/tinypass";
or copy automatically to a subdir of your real DocumentRoot as the user running Apache2
sudo -u "$(apachectl -S | grep "User" | awk -F"\"" '{ print $2 }')" git clone https://github.com/ron-from-nl/TinyPass.git "$(sudo apachectl -S | grep "DocumentRoot" | awk -F"\"" '{ print $2 }')tinypass";
- Configure your webserver (Apache2 example)
sudo nano /etc/apache2/sites-available/000-default.conf
Add the following example section (edit alias and directory)
RewriteRule ^/tinypass$ /tinypass/ [R,L]
Alias /tinypass/ /var/www/html/tinypass/
<Directory /var/www/html/tinypass>
Options MultiViews SymLinksIfOwnerMatch
<Files tinypass.db>
Require all denied
</Files>
AllowOverride All
Require all granted
</Directory>
- Test Config
sudo apachectl configtest;
- Reload Config
sudo systemctl reload apache2;
- Test Status
sudo systemctl status apache2;
- Open a browser to https://your.ip/tinypass/