Post-quantum cryptography · NIST ML-KEM-768

Passwords protected
for the quantum era.

PassQ is a local-first password manager that wraps your vault key with ML-KEM-768 — the NIST-standardized, quantum-resistant key-encapsulation mechanism. A vault captured today stays protected against “harvest now, decrypt later” attacks.

Post-quantum protection Encrypted binary vaults Zero dependencies LT / EN
768ML-KEM security level
0npm dependencies
2interfaces · CLI + Web
100%local · nothing leaves your machine

01 — Capabilities

Everything you expect from a modern password manager

Two interfaces, one engine. The same encrypted-vault core powers both the command line and the local web app.

Post-quantum protection

ML-KEM-768 key encapsulation by default — with no extra configuration.

CLI and web

A command line for scripting and a local web UI — both backed by the same vault core.

Encrypted binary vault

Secrets are never written to disk as plaintext or JSON.

Built-in 2FA

Store TOTP secrets and generate rotating codes (RFC 6238) — CLI and web.

Passkey unlock

Unlock the web app with a hardware key / passkey (WebAuthn PRF) without a password.

Password health audit

Local detection of weak / short / reused passwords plus an aggregate health overview.

Groups and folders

Organize entries into nestable groups.

Import / export

Migrate via PassQ JSON or CSV — plaintext export is strictly opt-in.

Password history

Recover a previous password after a change.

Fields and attachments

Custom fields and small files per entry — all encrypted in the vault.

Vault merge / sync

Reconcile two vaults by entry ID (newest wins) — sync across devices.

Clipboard copy

Copy a password or TOTP code with automatic clearing in the CLI.

Auto-lock and strength meter

The web session locks on inactivity; live passphrase strength feedback.

02 — How it works

Unlocking — a key-wrapping cascade

Unlocking is a chain of key wrapping in which the master password gradually reveals the vault data key.

  1. 1
    scrypt

    Master password → passwordKey

  2. 2
    AES-256-GCM

    Decrypts the encrypted ML-KEM private key

  3. 3
    decapsulate()

    Private key → shared key

  4. 4
    HKDF-SHA256

    Mixes both keys → vault data key

  5. 5
    secretBox

    Each entry's secrets sealed with its own key

Cryptographic primitives

Post-quantum key encapsulationML-KEM-768
Key derivation from the passwordscrypt
Mixing the password key + KEM keyHKDF-SHA256
Vault payload & private-key encryptionAES-256-GCM
Per-entry secret encryptionsecretBox (AES-256-GCM, per-entry key)
On-disk formatBinary KDBX-style container

Note The .kdbx extension is PassQ's own binary format and is not KeePass-compatible.

03 — Security

Defense in depth

Secrets stay masked

Secrets are never shown in lists or summaries. A password is revealed only through an explicit action — the CLI --show-password flag or the web “reveal” button.

Nothing leaves your device

Vaults are stored locally in an encrypted binary container. The web server binds to 127.0.0.1 only.

AAD binding

Every AES-GCM layer binds authenticated additional data (AAD) — part of the file format that protects against tampering.

No recovery path

A vault cannot be unlocked without the master password — keep it safe.

04 — Interfaces

Two interfaces, one engine

Command line

# Create a new encrypted vault
node ./bin/passq.js init ./vaults/main.kdbx

# Add an entry with a generated password
node ./bin/passq.js add ./vaults/main.kdbx \
  --title GitHub --username you@example.com --generate

# Reveal a single entry's password
node ./bin/passq.js get ./vaults/main.kdbx GitHub --show-password

# Password health audit
node ./bin/passq.js health ./vaults/main.kdbx

Local web app

# Start the local server
npm run web

# Open in the browser
http://127.0.0.1:4173

The web UI lets you create/open vaults, add and search entries, generate passwords, reveal a single secret on demand, manage groups / fields / attachments, and switch language (EN/LT).

05 — Download

Download and try

The full open-source project in one archive. No dependencies — no npm install needed.

PassQ 0.7.0 · macOS Signed & notarized app · Apple silicon (.dmg)
Download for macOS
PassQ 0.7.0 · Android Android 8+ · sideload build (.apk)
Download for Android
PassQ 0.7.0 · Linux Ubuntu 24.04 LTS · Omarchy 3 / Arch · ZIP
Download for Linux
passq.zip PassQ App source · CLI + Web + tests
Download .zip

Requirements

  • Node.js 26 or newer. PassQ uses the post-quantum primitives built into Node 26 (crypto.generateKeyPairSync('ml-kem-768'), encapsulate(), decapsulate()). Older versions will not run.
  • No third-party npm packages are required.

Quick start

unzip passq.zip && cd PassQ/App
node --version        # must be v26.x or newer
npm test              # confirms ML-KEM support
npm run web           # http://127.0.0.1:4173