Post-quantum protection
ML-KEM-768 key encapsulation by default — with no extra configuration.
Post-quantum cryptography · NIST ML-KEM-768
PassQ is a local-first password manager that wraps your vault key with ML-KEM-768 — the NIST-standardized, quantum-resistant key-encapsulation mechanism. A vault captured today stays protected against “harvest now, decrypt later” attacks.
01 — Capabilities
Two interfaces, one engine. The same encrypted-vault core powers both the command line and the local web app.
ML-KEM-768 key encapsulation by default — with no extra configuration.
A command line for scripting and a local web UI — both backed by the same vault core.
Secrets are never written to disk as plaintext or JSON.
Store TOTP secrets and generate rotating codes (RFC 6238) — CLI and web.
Unlock the web app with a hardware key / passkey (WebAuthn PRF) without a password.
Local detection of weak / short / reused passwords plus an aggregate health overview.
Organize entries into nestable groups.
Migrate via PassQ JSON or CSV — plaintext export is strictly opt-in.
Recover a previous password after a change.
Custom fields and small files per entry — all encrypted in the vault.
Reconcile two vaults by entry ID (newest wins) — sync across devices.
Copy a password or TOTP code with automatic clearing in the CLI.
The web session locks on inactivity; live passphrase strength feedback.
02 — How it works
Unlocking is a chain of key wrapping in which the master password gradually reveals the vault data key.
Master password → passwordKey
Decrypts the encrypted ML-KEM private key
Private key → shared key
Mixes both keys → vault data key
Each entry's secrets sealed with its own key
| Post-quantum key encapsulation | ML-KEM-768 |
| Key derivation from the password | scrypt |
| Mixing the password key + KEM key | HKDF-SHA256 |
| Vault payload & private-key encryption | AES-256-GCM |
| Per-entry secret encryption | secretBox (AES-256-GCM, per-entry key) |
| On-disk format | Binary KDBX-style container |
Note The .kdbx extension is PassQ's own binary format and is not KeePass-compatible.
03 — Security
Secrets are never shown in lists or summaries. A password is revealed only through an explicit action — the CLI --show-password flag or the web “reveal” button.
Vaults are stored locally in an encrypted binary container. The web server binds to 127.0.0.1 only.
Every AES-GCM layer binds authenticated additional data (AAD) — part of the file format that protects against tampering.
A vault cannot be unlocked without the master password — keep it safe.
04 — Interfaces
# Create a new encrypted vault
node ./bin/passq.js init ./vaults/main.kdbx
# Add an entry with a generated password
node ./bin/passq.js add ./vaults/main.kdbx \
--title GitHub --username you@example.com --generate
# Reveal a single entry's password
node ./bin/passq.js get ./vaults/main.kdbx GitHub --show-password
# Password health audit
node ./bin/passq.js health ./vaults/main.kdbx
# Start the local server
npm run web
# Open in the browser
http://127.0.0.1:4173
The web UI lets you create/open vaults, add and search entries, generate passwords, reveal a single secret on demand, manage groups / fields / attachments, and switch language (EN/LT).
05 — Download
The full open-source project in one archive. No dependencies — no npm install
needed.
crypto.generateKeyPairSync('ml-kem-768'), encapsulate(), decapsulate()). Older versions will not run.unzip passq.zip && cd PassQ/App
node --version # must be v26.x or newer
npm test # confirms ML-KEM support
npm run web # http://127.0.0.1:4173