Securo is a secure, backend-driven password manager built using FastAPI, focused on encryption, password safety, and real-world security features.
It demonstrates core backend security concepts such as encryption, hashing, password rotation, audit logging, and secure exports.
-
🔑 Master Password Protection
Single master password secures all stored credentials.
Hashed using SHA-256 + bcrypt (72-byte safe). -
🔐 Strong Encryption
All passwords encrypted using Fernet (symmetric encryption).
Encryption key is securely managed via.env. -
🔄 Password Rotation
Instantly rotate stored passwords to reduce credential exposure. -
🆘 Emergency Password Generator
Generate strong passwords instantly when needed. -
📤 Export Passwords
Export all saved credentials in JSON format (useful for backups or migration). -
🔍 Search & List Entries
Search saved passwords by service name or list all stored services with metadata. -
📊 Password Strength Scoring
Scores passwords based on length and complexity. -
🕵️ Access Logging
Tracks password access events for auditing and activity monitoring.
| Component | Technology |
|---|---|
| Backend | FastAPI |
| Database | SQLite + SQLAlchemy ORM |
| Security | bcrypt (<4.0), SHA-256, Fernet Encryption |
| Env Management | python-dotenv |
| API Docs | Swagger UI (auto-generated) |
Securo/
├─ backend/
│ ├─ main.py
│ ├─ models.py
│ ├─ database.py
│ ├─ requirements.txt
│ └─ .env
├─ frontend/
│ ├─ index.html
│ ├─ style.css
│ └─ script.js
├─ README.md
└─ LICENSE
git clone https://github.com/your-username/securo.git
cd securo/backendpython -m venv venv
venv\Scripts\activate # Windows
source venv/bin/activate # Linux/Macpip install -r requirements.txtCreate a .env file in the root directory and add your Fernet key:
FERNET_KEY=your_generated_fernet_key_hereTo generate a key:
from cryptography.fernet import Fernet
print(Fernet.generate_key().decode())uvicorn main:app --reload
Server URL: [http://127.0.0.1:8000](http://127.0.0.1:8000)
Swagger Docs: [http://127.0.0.1:8000/docs](http://127.0.0.1:8000/docs)POST /set-master→ Set master password
POST /add→ Add new passwordGET /retrieve→ Retrieve password (master protected)PUT /rotate→ Rotate passwordDELETE /delete→ Delete password
GET /list→ List all servicesGET /search→ Search servicesGET /export→ Export passwords (JSON)GET /health→ Health check
- Master password is never stored in plain text.
- Passwords are encrypted at rest using Fernet.
- bcrypt version is pinned (<4.0) for compatibility.
.envfile is excluded from GitHub commits for safety.
Feature walkthroughs and short demos are available on LinkedIn:
- Password creation
- Secure generation
- Master password flow
- JSON export
- Password rotation
- Backend code snippets
Securo was built to:
- Practice real-world backend security techniques.
- Understand hashing, encryption, and secure password handling.
- Build a production-style FastAPI app.
- Showcase backend skills for internships and developer roles.
Contributions, suggestions, and pull requests are welcome.
Feel free to fork, improve, and build on top of this project.
Apurve Karanwal
Backend Developer | FastAPI | Security Enthusiast
This project is distributed under the MIT License — feel free to use and modify with attribution.