Password Manager
304 open source Password Manager apps
Citrine
APK
Citrine is a nostr relay for android. It allows any nostr client that supports Android to send and receive events from this application.
F-DroidGitHub
ClassyShark3xodus - Scan apps for warnings
APK
Checks apps for code signatures of known trackers (provided by Exodus). Also can list all classes for launchable (via the app drawer) packages. Can be used against any APK: * installed: via an app manager or built-in ApplicationInfos/PermissionInfos, * downloaded: via any file manager (long press and open with ClassyShark3xodus), * launchable installed: via the first screen list (long press to display dynamic manifest). Note: doesn't work on odexed/system packages (it's a work-in-progress). Finally, the app doesn't sync or connect to the Internet and thus cannot sneak on end users. The app is updated when Exodus updates their list of trackers: https://reports.exodus-privacy.eu.org/api/trackers (Can display any *.xml file stored on the device.) Other features: - Selinux device & per app: appZygote + read_log + shareUser detection, - dynamic & static androidManifest, - full permissions device explorer (via Super#1), - complete apk(s) device explorer (via additional icon) - install & update Date per app, - certificate & fileSum fingerprints details at each scan. ClassyShark3xodus is based on Google's ClassyShark: https://github.com/google/android-classyshark (and apps_Packages Info: https://f-droid.org/en/packages/com.oF2pks.applicationsinfo/).
F-Droid
CleanSlate
APK
CleanSlate is an Android application designed to ensure user privacy and protect sensitive data. It allows users to remotely wipe their device in the unfortunate event of it being lost or stolen. With CleanSlate, your privacy is always in your hands. Features Remote Wipe: Securely erase all data on your device remotely. Authentication System: Prevent unauthorized access to the wiping function. Customizable Wipe Triggers: Configure how and when the remote wipe can be initiated. Minimal Footprint: Lightweight and optimized for minimal impact on device performance.
F-DroidGitHubIzzyOnDroid
Conceal Authenticator
APK
Conceal Authenticator - The First Decentralized 2FA App 🔐 SECURE 2FA AUTHENTICATOR Generate TOTP codes for all your accounts with military-grade encryption and biometric security. • HMAC-SHA1 (standard) • HMAC-SHA256 • HMAC-SHA512 • Period: 30 or 60 seconds • Digits: 6, 7, or 8 🚀 WORLD'S FIRST DECENTRALIZED 2FA BACKUP • Permissionless - No registration or approval needed • Automatic - Your keys are backed up to the blockchain automatically • Decentralized - No single point of failure, no central server Nobody has done this before. This is what decentralization is meant for. ✨ FLEXIBLE OPTIONS • Local-only mode - Use as a standard 2FA app • Manual backup - Export when needed • Automatic blockchain backup - Your keys saved securely on-chain 📦 BUILT-IN WALLET Seamless blockchain integration. Recover your 2FA keys with your wallet seed - no third-party servers. 🛡️ PRIVACY & SECURITY • Self-custody - You own your keys • Biometric security - Fingerprint and face recognition • No central authority - Direct blockchain interaction • Offline capable - Works without internet 👥 SHARE WITH TRUSTED CONTACTS • Share your 2FA keys with significant other or family using whitelisted payment IDs. (Blockchain can broadcast 2FA code to trusted recipients via auto-destruct messaging) 🎨 FEATURES • Multiple themes (Light, Orange, Velvet, Pink, Dark) • Future codes preview • Custom blockchain nodes • QR code scanning • Backup encrypted secret shared key on your blockchain 2FA dedicated wallet. 💡 HOW IT WORKS 1. Add 2FA accounts by scanning QR codes 2. Generate secure codes anytime 3. Your keys are backed up to the blockchain 4. Recover with your wallet seed Powered by the Conceal Network blockchain. (New to crypto? Visit conceal.network to get started.) ⚠️ IMPORTANT: Always backup your recovery seed. Self-custody means you're responsible for your keys.
F-DroidGitHub
CryptX
APK
CryptX is a student-driven project developed as part of an exploration into information security concepts. The application focuses on implementing encryption and steganography techniques, serving as a hands-on experiment with secure data handling. Built during academic studies in Information Technology, it showcases foundational knowledge in cryptography and secure communication practices.
F-DroidGitHub
Cryptfs Password
APK
This app lets you changes the Android disk encryption password. You will only be required to use the new password at the next boot, so it is important not to forget it until then, and take a full backup just in case. Short of brute-forcing, the only way to recover from a forgotten encryption password is to factory reset the device, deleting all user data in the process, so proceed with caution. The app will verify that you have root access by checking if you have one of the more popular 'superuser' apps (Superuser or SuperSU) installed, and trying to execute a dummy command with su at startup. If your device is not encrypted, it will refuse to start.
F-DroidGitHub
CryptoPass
APK
Generate different passwords from single master password using cryptographically strong method (PBKDF2 with SHA-256). Create strong passwords for different websites (or anything else) using a single secret key. There's no need to remember or store multiple passwords if you can derive them from your master key. Сan easily be used as password generator and password manager. Your passwords doesn't store anywhere, username and url pairs stored for easy access. password = base64(pbkdf2(secret, username@url)) PBKDF2 uses SHA-256 and 5000 iterations. Cuts password to specified length (25 by default). Compatible with Chrome CryptoPass extension https://chrome.google.com/webstore/detail/cryptopass/hegbhhpocfhlnjmemkibgibljklhlfco
F-Droid
CryptoSafe
APK
CryptoSafe is a lightweight, offline-first Android app for military-grade text encryption. Your data never leaves your device. Features: • Strong Encryption: AES-256-GCM with Argon2id key derivation (128 MiB, 4 iterations) • 100% Offline: No internet permission needed. Your data never leaves your device • Screenshot Blocked: FLAG_SECURE prevents accidental leaks • Zero Storage: No logs, no cache, no database • Modern UI: Material 3 design with dark theme and smooth animations • Copy & Clear: One-tap copy and quick clear of sensitive fields Perfect for journalists, activists, and anyone who needs to encrypt sensitive text messages without relying on cloud services or internet connectivity.
F-DroidGitHub
Cryptocam - encrypting camera app
APK
Cryptocam allows you to take encrypted photos and videos so your data is safe even if an attacker gains physical access to your device or SD card. Find a full tutorial on https://cryptocam.gitlab.io Worried that your device or memory card might get into the wrong hands with sensitive footage on it? Cryptocam uses age (X25519 and ChaCha20) to encrypt recorded videos and photos without ever persisting unencrypted data to device storage.
F-Droid
Cryptographic ID
APK
Use cases: - Attest the state of a Linux computer When your computer is in a trustworthy state, you can generate a private key hidden in the TPM2 of your computer. This private key can be sealed with the current state of the computer (PCRs). Then the computer can only sign a message with this key when it is in the correct state according to the PCRs. For example, you can seal the key against the secure boot state (PCR7). If your computer is booting an operating system signed by another vendor, the TPM2 cannot unseal the private key. So if your computer can generate a correct signature, it is in this known state. You can create a sealed private key and create such a signature with cryptographic-id-rs (https://gitlab.com/cryptographic_id/cryptographic-id-rs). This is similar to tpm2-totp (https://github.com/tpm2-software/tpm2-totp) but uses asymmetric cryptography. This means you do not need to keep the verification code secure. You can share it safely with the world. - Verify the identity of a phone You can generate a private key when your phone is in a trustworthy state. If your phone can create a correct signature, you know it is the same phone. Since the operating system can access the private key, the security guarantees are much weaker than with a TPM2. So the verification is just as secure as your phone. If you use Graphene OS, also have a look at Auditor (https://attestation.app/tutorial). - Verify that a person is in possession of a private key This works as well as the section above but has the same shortcomings. It can be used to verify someone in person when he sends his public key to you in advance over a secure channel.
F-Droid
Cryptomator
APK
With Cryptomator, the key to your data is in your hands. Cryptomator encrypts your data quickly and easily. Afterwards you upload them protected to your favorite cloud service.Cryptomator requires a license key, which you can obtain from https://cryptomator.org/android/EASY-TO-USECryptomator is a simple tool for digital self-defense. It allows you to protect your cloud data by yourself and independently.Simply create a vault and assign a passwordNo additional account or configuration neededUnlock vaults with your fingerprintCOMPATIBLECryptomator is compatible with the most commonly used cloud storages and available for all major operating systems.Compatible with Dropbox, OneDrive, S3- and WebDAV-based cloud storage servicesCreate vaults in Android’s local storage (e.g., works with third-party sync apps)Access your vaults on all your mobile devices and computersSECUREYou don't have to trust Cryptomator blindly, because it is open source software. For you as a user, this means that everyone can see the code.File content and filename encryption with AES and 256 bit key lengthVault password is secured with scrypt for enhanced brute-force resistanceVaults are automatically locked after sending app to backgroundCrypto implementation is publicly documentedAWARD-WINNINGCryptomator received the CeBIT Innovation Award 2016 for Usable Security and Privacy. We're proud to provide security and privacy for hundreds of thousands of Cryptomator users.CRYPTOMATOR COMMUNITYJoin the Cryptomator Community and participate in the conversations with other Cryptomator users.Follow us on Mastodon @cryptomator@mastodon.onlineLike us on Facebook /Cryptomator
F-DroidGitHubIzzyOnDroid
Cryptool
APK
Cryptography tool application. It makes easy the encryption of text in any place and situation. It has a very useful floating tool mode. It is only about 2 MB. He does not ask for permission or do anything weird.
GitHubIzzyOnDroid
Círculo
APK
Keep yourself and your community safe with Círculo, an easy to use app that allows you to send check-ins and urgent alerts in a fast and private way to a pre-selected circle of supporters. Círculo is a safe way to share your concerns, status and location with a small group of close friends, relatives or colleagues. Círculo was developed through a collaboration between Article19, Circle of 6, and Guardian Project.
guardian
De1984
APK
De1984 is a powerful Firewall and Package Manager for Android devices with multiple backend support for maximum flexibility and performance. The name **De1984** is inspired by George Orwell’s novel Nineteen Eighty-Four, reflecting the app’s philosophy of resisting surveillance and reclaiming digital privacy. It symbolizes a reversal of the dystopian control described in the book, empowering users to take back control over their devices and data. FIREWALL FEATURES - Multiple firewall capabilities: iptables (root/Shizuku), ConnectivityManager (Android 13+), and VPN fallback - Automatic firewall method selection based on device capabilities - Comprehensive iptables method for rooted devices provides kernel-level blocking with superior performance - ConnectivityManager for Android 13+ devices without root - VPN backend as fallback for maximum compatibility (no root required) - Block apps from accessing WiFi, Mobile Data, or Roaming independently - Global firewall policies: "Block All by Default" (allowlist) or "Allow All by Default" (blocklist) - Screen-off blocking to save battery and data - Real-time network state monitoring and automatic rule application PACKAGE MANAGEMENT (with Shizuku or root) - Enable/disable system apps - Force stop running apps - Uninstall system and user apps - Works with Shizuku (no root required) or traditional root access - Filter packages by system/user apps, enabled/disabled state - Search functionality for quick package lookup PRIVACY FIRST - Zero tracking or analytics - No telemetry - Local-only data storage - No proprietary libraries - No Google Play Services - 100% open source (MIT License) - Buildable from source REQUIREMENTS - Android 8.0 (API 26) or higher - For iptables firewall: Root access OR Shizuku in root mode - For ConnectivityManager firewall: Shizuku + Android 13+ - For VPN firewall: VPN permission (no root required, works on all Android versions) - For package management: Shizuku or root access PERMISSIONS - ACCESS_NETWORK_STATE: Monitor network connectivity for automatic rule application - BIND_VPN_SERVICE: Create local VPN for VPN-based firewall backend - QUERY_ALL_PACKAGES: View all installed apps - POST_NOTIFICATIONS: Show notifications for new app installations (optional) - RECEIVE_BOOT_COMPLETED: Auto-start firewall on device boot - Shizuku or root access: For iptables firewall and package management (optional) OPEN SOURCE Source code: https://github.com/dorumrr/de1984 License: MIT Issues: https://github.com/dorumrr/de1984/issues Late nights for brighter days. Created by Doru Moraru
F-DroidGitHubIzzyOnDroid
DeadHash
APK
DeadHash is an utility to calculate file and text hashes. The following hash calculations are supported: * MD5 * SHA-1 * SHA-224 * SHA-256 * SHA-3 * SHA-384 * SHA-512 * CRC32
F-DroidGitHubIzzyOnDroid
Derandom
APK
Predicts pseudo random numbers based on a sequence of observed numbers. Enter a sequence of numbers that you obtained from a pseudo random number generator like, for instance, the Java standard pseudo random number generator or the Mersenne Twister MT19937. The app will then try to predict following numbers from the generator. The app expects all numbers to be entered as integers or floating point numbers between zero and one. Currently, floating point numbers are supported for the Mersenne Twister only. Three input modes are supported: 1. Text field lets you enter the numbers directly on the device. 2. File lets you choose a file with newline separated number strings. 3. Socket opens a server socket on the device. You can then connect with a custom client by means of a client socket and send newline separated number strings to the server. After each number the server will send back the next newline separated predictions. Each block of predictions is separated by an additional newline. To test the app, enter the following numbers in the Text field: 1412437139 1552322984 168467398 1111755060 -928874005 These numbers were sampled from the Java linear congruential generator Random.nextInt(). Thus, the app should detect LCG: Java after the third number input, and numbers in the prediction history should appear in green instead of red, indicating that those numbers were correctly predicted. The source code of this app is published on GitLab. There you can also find a Python program for testing socket input: https://gitlab.com/asnelt/derandom/blob/HEAD/README.md
F-Droid
Diceware Password Generator
APK
Generate diceware passwords using the Reinhold, EFF (long) or EFF (short) wordlists, using the pseudo-random number generator on your device, random.org, or actual dice as sources of random numbers.
F-DroidGitHub
Disabler
APK
Disable/Enable Any application using a easy access launcher. This application need ROOT to disable applications This is an Open Source version of IceBox App Features: * Add any applications( System or user) * create tabs to order your applications (mutlples tabs allowed) * Disable/Enable any application * Global buttom to enable/disable applications * Auto disable when screen off * Change Icons Sizes * … More Source Code : https://github.com/aceventura82/AppsDisabler Website: https://www.servoz.tk/app-disabler/ XDA Thread: https://forum.xda-developers.com/android/apps-games/app-disabler-app-to-easily-disable-app-t4121581
F-DroidGitHub
DissPair
APK
DissPair is a toolkit for analyzing and testing Bluetooth device connections. It supports security research workflows on mobile platforms.
F-DroidGitHub
DresSecureComms
APK
DresSecureComms is a FOSS, de-Googled, all-in-one secure communications app. It works fully offline for SMS and calls, with no Google services and no trackers.Features:Messages: a private offline SMS client. Send and receive normal texts, or turn on encryption per message. Encrypted messages use AES-256-GCM and only work between two people who both use this app and share the same key (set by hand in Settings).Calls: dial any number or call a saved contact over your normal carrier line.Contacts: an encrypted local vault, stored with the Android Keystore. Add contacts by hand or import them from the device.Threat Scan: check a URL against VirusTotal using your own free API key.Metadata Wipe: strip GPS and EXIF data from a photo before you share it.Geo Spoofer: set a mock GPS location, or have the app pick a random one.App Lock: biometric or device PIN.End Notes:We need your help to battle Google and its restrictions so if you use any of our projects, services or apps and it works for you then please tell a freind to tell a freind about us.Part of the DresOS Android privacy and defensive-security project.Website: https://dresos.orgSource: https://github.com/The-DresOS-Foundation/DresSecureCommsDonate: https://ko-fi.com/dresos
GitHubIzzyOnDroid
DroidCrypt
APK
Description: File and text encryption in Android offers crucial benefits in protecting sensitive data. By encrypting files and text, users can prevent unauthorized access, ensuring confidentiality and privacy. This is especially vital in a world where mobile devices often contain personal, financial, and business-related information. Encryption adds an additional layer of security, preventing malicious actors from intercepting or tampering with data, thus mitigating the risk of data breaches and identity theft. Features: - Uses AES-256-GCM for encryption - Uses Scrypt for key derivation with CPU/Memory cost of 32768, block size of 16, and parallelization of 4 - Built in Java
F-DroidGitHub
DroidFS
APK
DroidFS is an alternative way to use encrypted overlay file-systems on Android that uses its own internal file explorer instead of mounting volumes. This allows you to store files in encrypted vaults that other apps can't decrypt. Currently, DroidFS supports the following encrypted containers: - gocryptfs (https://github.com/rfjakob/gocryptfs): encrypts file contents and file names but doesn't hide directory structure or file sizes. - CryFS (https://github.com/cryfs/cryfs): slower, but encrypts everything and obfuscates file sizes. Features: - Compatible with original encrypted volume implementations - Internal support for video, audio, images, text and PDF files - Built-in camera to take on-the-fly encrypted photos and videos - Ability to expose volumes to other applications - Unlocking volumes using fingerprint authentication - Volume auto-locking when the app goes in background Permissions: Read & write access to shared storage: required to access volumes located on shared storage. Biometric/Fingerprint hardware: needed to encrypt/decrypt password hashes using a fingerprint protected key. Camera: required to take encrypted photos or videos directly from the app. Record audio: required if you want sound on videos recorded with DroidFS. Notifications: used to report file operations progress and notify about volumes kept open All of these permissions can be denied if you don't want to use the corresponding feature. DroidFS is free, open-source, and you can find the project's repository: - on GitHub: https://github.com/hardcore-sushi/DroidFS - on the Gitea instance of the Chapril project: https://forge.chapril.org/hardcoresushi/DroidFS Warning ! Security is neither absolute nor definitive. DroidFS does not come with any warranty and should not be considered as an absolute safe way to store files.
F-Droid
Droid_SCEP
APK
This app enables you to request and poll certificates from a SCEP (Simple Certificate Enrollment Protocol) server. It can be configured via MDM (Mobile Device Management) policies. Certificates can be automatically (silently) enrolled and renewed if delegated scope CERT_INSTALL is granted and SCEP connection details are configured via MDM/EMM. Plus it can be used as certificate selection app (private key mapping) if delegated scope CERT_SELECTION is granted, based on "cert-to-app" selection rules configured via MDM/EMM policy. It can also be used to monitor the expiration of your personal certificates and send you a notification a couple of days before. Additionally, it provides a manual Certificate Signing Request (CSR) creation feature and a PEM to PKCS12 converter.
F-DroidGitHub
Dumpsys Packages Copycat
APK
With the introduction of the QUERY_ALL_PACKAGES permission, as far as I understand, it became impossible to use built-in tools to list and inspect installed packages. (Please let me know if you are aware of another workaround.) That is, of course, assuming you don't have access to root privileges. However, you might not desire to root your phone, either because it can turn out to be quite difficult to achieve, or because it has numerous disadvantages in itself, anyway. Another option is to connect to the phone via Android Debug Bridge (ADB) and run: adb shell dumpsys | sed -n '/^Packages:/,/^[[:space:]]*$/p' The command prints the "Packages" section from dumpsys, which contains detailed information about every installed package. It works, but the downside is obvious: You need an extra device to connect and run adb. This app strives to reproduce the output from above command, right on your phone - neither root privileges nor ADB required - using only API calls and the QUERY_ALL_PACKAGES permission.
F-DroidGitHub