Distributed backup and recovery
Implement a feature to allow users (opt-in) to distribute their vaults encrypted to the network and recover them from a fresh install using a mnemonic phrase or something other deterministic approach.
Alberto Valero 6 months ago
Distributed backup and recovery
Implement a feature to allow users (opt-in) to distribute their vaults encrypted to the network and recover them from a fresh install using a mnemonic phrase or something other deterministic approach.
Alberto Valero 6 months ago
YubiKey Support
U2F-enabled Security Key, such as the YubiKey, user login is bound to the origin, meaning that only the real site can authenticate with the key. The authentication will fail on the fake site even if the user was fooled into thinking it was real. This greatly mitigates against the increasing volume and sophistication of phishing attacks and stops account takeovers. Standard https://www.yubico.com/authentication-standards/fido-u2f-standard/
William K Santiago 5 months ago
YubiKey Support
U2F-enabled Security Key, such as the YubiKey, user login is bound to the origin, meaning that only the real site can authenticate with the key. The authentication will fail on the fake site even if the user was fooled into thinking it was real. This greatly mitigates against the increasing volume and sophistication of phishing attacks and stops account takeovers. Standard https://www.yubico.com/authentication-standards/fido-u2f-standard/
William K Santiago 5 months ago
SSH Key Support with Automatic SSH Agent Integration (OpenSSH / Pageant)
Request to add native SSH key management with automatic SSH agent integration. This would turn PearPass into a secure, unified hub for SSH authentication, handling key lifecycle safely in the system agent. Proposed Features: πΉ 1. Entry-Level Key Management Attach private key files directly to vault entries. Auto-decrypt on agent load if the key is password-protected (use credentials from the entry). Display metadata: public key, fingerprints (MD5, SHA256), and key comment. πΉ 2. Lifecycle & Security Controls Add keys to the SSH agent automatically on vault unlock. Remove keys from the agent on vault lock/close. Optional "require confirmation" flag for key usage. Auto-remove timeout after last use (default: 600s, configurable). πΉ 3. UI Dedicated tab/window "Active SSH Keys" showing which keys are currently loaded in the agent. "Clear Agent" button to instantly remove all PearPass-managed keys. πΉ 4. Implementation Notes Integrate with the system OpenSSH agent (Win/Linux/macOS) and/or Pageant (PuTTY). Ensure compatibility with MobaXterm, WinSCP, PuTTY, native OpenSSH, VS Code Remote, etc. Keys must never be written to disk: operate exclusively in memory via the standard SSH agent protocol. Benefits: β Unified password & SSH key manager β Enhanced security: keys reside only in memory, auto-expire, and clear on lock β Seamless workflow with any terminal, IDE, or SSH client Happy to provide feedback or assist with testing. Thanks for your great work! π‘οΈ
Dotpwnpewpew 16 days ago
SSH Key Support with Automatic SSH Agent Integration (OpenSSH / Pageant)
Request to add native SSH key management with automatic SSH agent integration. This would turn PearPass into a secure, unified hub for SSH authentication, handling key lifecycle safely in the system agent. Proposed Features: πΉ 1. Entry-Level Key Management Attach private key files directly to vault entries. Auto-decrypt on agent load if the key is password-protected (use credentials from the entry). Display metadata: public key, fingerprints (MD5, SHA256), and key comment. πΉ 2. Lifecycle & Security Controls Add keys to the SSH agent automatically on vault unlock. Remove keys from the agent on vault lock/close. Optional "require confirmation" flag for key usage. Auto-remove timeout after last use (default: 600s, configurable). πΉ 3. UI Dedicated tab/window "Active SSH Keys" showing which keys are currently loaded in the agent. "Clear Agent" button to instantly remove all PearPass-managed keys. πΉ 4. Implementation Notes Integrate with the system OpenSSH agent (Win/Linux/macOS) and/or Pageant (PuTTY). Ensure compatibility with MobaXterm, WinSCP, PuTTY, native OpenSSH, VS Code Remote, etc. Keys must never be written to disk: operate exclusively in memory via the standard SSH agent protocol. Benefits: β Unified password & SSH key manager β Enhanced security: keys reside only in memory, auto-expire, and clear on lock β Seamless workflow with any terminal, IDE, or SSH client Happy to provide feedback or assist with testing. Thanks for your great work! π‘οΈ
Dotpwnpewpew 16 days ago
Add an option to select a default Vault that opens automatically after authenticating.
Selecting the Vault every time, especially when the user has only one, is a drag. This UX is also confusing as it gives the impression that the primary expected action here is to create a Vault. Perhaps add a configurable modifier key (like the option key on macOS, as a default) that shows the list of vaults to select from if pressed when authenticating. Alternatively, add another button to view the Vault list to select from.
Tiger 5 months ago
Add an option to select a default Vault that opens automatically after authenticating.
Selecting the Vault every time, especially when the user has only one, is a drag. This UX is also confusing as it gives the impression that the primary expected action here is to create a Vault. Perhaps add a configurable modifier key (like the option key on macOS, as a default) that shows the list of vaults to select from if pressed when authenticating. Alternatively, add another button to view the Vault list to select from.
Tiger 5 months ago
Link device similar to Keet
Where all your vaults from one device and master password sync to another device. So you can just scan a QR or paste a link on another device and you have the exact same Pearpass on one device as another
kikkarokki 5 months ago
Link device similar to Keet
Where all your vaults from one device and master password sync to another device. So you can just scan a QR or paste a link on another device and you have the exact same Pearpass on one device as another
kikkarokki 5 months ago
Reduce taps to log in via biometrics and select vault before credentials displayed for android autofill
Request: Reduce the screen taps and options to completing an autofill credential selection using Android autofill. Currently to select an autofill credential a user has to tap "use fingerprint", provide fingerprint then select a vault and finally make the credential selection Please consider having the fingerprint option as default login when opening the app, instant log in. Then have a vault option as default when log in is complete getting you straight to the credential. One fingerprint provided instead of 3 interactions
vanhoopstallion 5 months ago
Reduce taps to log in via biometrics and select vault before credentials displayed for android autofill
Request: Reduce the screen taps and options to completing an autofill credential selection using Android autofill. Currently to select an autofill credential a user has to tap "use fingerprint", provide fingerprint then select a vault and finally make the credential selection Please consider having the fingerprint option as default login when opening the app, instant log in. Then have a vault option as default when log in is complete getting you straight to the credential. One fingerprint provided instead of 3 interactions
vanhoopstallion 5 months ago
Option to sync master password between devices
If any of the devices change master password it changes it for all devices with this enabled
kikkarokki 5 months ago
Option to sync master password between devices
If any of the devices change master password it changes it for all devices with this enabled
kikkarokki 5 months ago
Autofill on IOS does not work
Autofill doesn't work on IOS Worked on version 1.5 and 2.0 Enviromental: appVersion: 2.1.0 platform: ios platformVersion: 26.4
Dotpwnpewpew 5 days ago
Autofill on IOS does not work
Autofill doesn't work on IOS Worked on version 1.5 and 2.0 Enviromental: appVersion: 2.1.0 platform: ios platformVersion: 26.4
Dotpwnpewpew 5 days ago
Filter/category for entries that contain passkeys
Feature suggestion: Could you please add a filter/category for entries that contain passkeys (similar to existing filters like Recovery Phrases, WiβFi, etc.)? This would help to: Quickly find accounts set up with passkey login; Manage those entries more easily (edit, export, delete); Get an overview of passwordless authentication usage across my vault. If this is technically straightforward, it would be a very welcome addition. Thanks again for your great work!
Dotpwnpewpew 10 days ago
Filter/category for entries that contain passkeys
Feature suggestion: Could you please add a filter/category for entries that contain passkeys (similar to existing filters like Recovery Phrases, WiβFi, etc.)? This would help to: Quickly find accounts set up with passkey login; Manage those entries more easily (edit, export, delete); Get an overview of passwordless authentication usage across my vault. If this is technically straightforward, it would be a very welcome addition. Thanks again for your great work!
Dotpwnpewpew 10 days ago
BUG: Extension loses autofill after Passkey is added to an existing entry
Summary When a Passkey is added to an existing vault entry, the browser extension stops recognizing that entry for autofill β showing "No records found" β until a new separate entry is created for the same site. Steps to reproduce 1.Create a vault entry with a username + password for a site. 2.Verify the extension autofills credentials correctly. 3.Add a Passkey to the same entry. 4.Navigate to the site's login page and trigger autofill via the extension. Actual Extension shows "No records found" β entry is no longer matched to the site. Workaround Creating a new separate entry for the same site restores autofill Root cause hypothesis Adding a Passkey may alter the entry's internal type, URI matching logic, or record structure in a way that causes the extension's site-matching query to exclude entries that contain a Passkey credential. Requested fix Ensure that adding a Passkey to an entry does not break existing username/password autofill matching. Both credential types should coexist in a single entry and be independently discoverable by the extension. I checked on the Dropbox website After creating a new record
Dotpwnpewpew 6 days ago
BUG: Extension loses autofill after Passkey is added to an existing entry
Summary When a Passkey is added to an existing vault entry, the browser extension stops recognizing that entry for autofill β showing "No records found" β until a new separate entry is created for the same site. Steps to reproduce 1.Create a vault entry with a username + password for a site. 2.Verify the extension autofills credentials correctly. 3.Add a Passkey to the same entry. 4.Navigate to the site's login page and trigger autofill via the extension. Actual Extension shows "No records found" β entry is no longer matched to the site. Workaround Creating a new separate entry for the same site restores autofill Root cause hypothesis Adding a Passkey may alter the entry's internal type, URI matching logic, or record structure in a way that causes the extension's site-matching query to exclude entries that contain a Passkey credential. Requested fix Ensure that adding a Passkey to an entry does not break existing username/password autofill matching. Both credential types should coexist in a single entry and be independently discoverable by the extension. I checked on the Dropbox website After creating a new record
Dotpwnpewpew 6 days ago
Flexible Word Count for Recovery Phrase Records
1. Overview Pearpass currently supports Recovery Phrase records with a fixed word count of 12 or 24 words (BIP-39 standard). However, various services and platforms use recovery phrases, mnemonic codes, and backup codes with different word counts. This feature request proposes extending the Recovery Phrase record type to support a configurable, user-defined word count. 2. Problem Statement Users who store recovery credentials for services outside the BIP-39 ecosystem (cryptocurrency wallets) are forced to use workaround solutions such as free-text notes, which lack the structured UX, copy-per-word functionality, and validation benefits of the dedicated Recovery Phrase record type. Known services with non-standard word counts: Service Word / Code Count Format Notes Bitcoin / Ethereum wallets (BIP-39) 12 or 24 words Currently supported Steam Guard ~30 words Recovery code list Dropbox 10 words Account recovery phrase GitHub 16 codes Each code is alphanumeric, not a dictionary word Google / Apple (varies) 8β12 words Account recovery Custom enterprise systems Variable Any count per policy Exapmle: Steam Guard - 1A1AA11 Github - aa09f-8cc75 Dropbox - aa1aaaa2 3. Proposed Solution Allow the user to configure the word count (or code count) of a Recovery Phrase record freely, instead of being limited to 12 or 24. 3.1 Word Count Configuration Replace the current fixed selector (12 / 24) with a flexible numeric input or extended selector. Supported range: 1 to 64 words/codes (sufficient for all known real-world cases, extensible later). The input count determines the number of word fields rendered in the record editor. Default value remains 12 or 24. 3.2 Validation BIP-39 dictionary validation applies only when the count is 12 or 24. For all other counts, fields accept arbitrary alphanumeric strings (no dictionary restriction). Empty fields generate a warning, not an error β some services allow partial recovery sets.
Dotpwnpewpew 6 days ago
Flexible Word Count for Recovery Phrase Records
1. Overview Pearpass currently supports Recovery Phrase records with a fixed word count of 12 or 24 words (BIP-39 standard). However, various services and platforms use recovery phrases, mnemonic codes, and backup codes with different word counts. This feature request proposes extending the Recovery Phrase record type to support a configurable, user-defined word count. 2. Problem Statement Users who store recovery credentials for services outside the BIP-39 ecosystem (cryptocurrency wallets) are forced to use workaround solutions such as free-text notes, which lack the structured UX, copy-per-word functionality, and validation benefits of the dedicated Recovery Phrase record type. Known services with non-standard word counts: Service Word / Code Count Format Notes Bitcoin / Ethereum wallets (BIP-39) 12 or 24 words Currently supported Steam Guard ~30 words Recovery code list Dropbox 10 words Account recovery phrase GitHub 16 codes Each code is alphanumeric, not a dictionary word Google / Apple (varies) 8β12 words Account recovery Custom enterprise systems Variable Any count per policy Exapmle: Steam Guard - 1A1AA11 Github - aa09f-8cc75 Dropbox - aa1aaaa2 3. Proposed Solution Allow the user to configure the word count (or code count) of a Recovery Phrase record freely, instead of being limited to 12 or 24. 3.1 Word Count Configuration Replace the current fixed selector (12 / 24) with a flexible numeric input or extended selector. Supported range: 1 to 64 words/codes (sufficient for all known real-world cases, extensible later). The input count determines the number of word fields rendered in the record editor. Default value remains 12 or 24. 3.2 Validation BIP-39 dictionary validation applies only when the count is 12 or 24. For all other counts, fields accept arbitrary alphanumeric strings (no dictionary restriction). Empty fields generate a warning, not an error β some services allow partial recovery sets.
Dotpwnpewpew 6 days ago
Trash / Recently Deleted Folder
When a user deletes an item, it should not be permanently removed immediately. Instead, deleted items should be moved to a Trash (or Recently Deleted) folder where they remain for a limited period (for example, 30 days) before being permanently deleted. This would allow users to restore items that were accidentally deleted, improving safety and reducing the risk of losing important credentials. Users should also have the option to manually restore items or permanently delete them from the Trash at any time.
Constantine Mindiashvili 3 months ago
Trash / Recently Deleted Folder
When a user deletes an item, it should not be permanently removed immediately. Instead, deleted items should be moved to a Trash (or Recently Deleted) folder where they remain for a limited period (for example, 30 days) before being permanently deleted. This would allow users to restore items that were accidentally deleted, improving safety and reducing the risk of losing important credentials. Users should also have the option to manually restore items or permanently delete them from the Trash at any time.
Constantine Mindiashvili 3 months ago
π full-text search in notes
A full-text keyword search across note titles and content is required to use PearpPa ss as a single note-taking app, eliminating every other note app.
Sebastiano 5 months ago
π full-text search in notes
A full-text keyword search across note titles and content is required to use PearpPa ss as a single note-taking app, eliminating every other note app.
Sebastiano 5 months ago
Export and import of embedded file contents (Attachments)
Problem: Current export only saves attachment metadata (id, name). File content is missing, making backups incomplete. "attachments": [ { "id": "00000000-3b5a-4638-8b01-3ddb93f974d0", "name": "recovery.txt" } ] Goal: Enable full export & import of attachment Export: Include attachments toggle. Reads files β Base64 + SHA-256 β JSON β encrypt. Limits: 10 MB/file, 50 MB total. Import: Decodes Base64, verifies sha256, restores to local storage.
Dotpwnpewpew 6 days ago
Export and import of embedded file contents (Attachments)
Problem: Current export only saves attachment metadata (id, name). File content is missing, making backups incomplete. "attachments": [ { "id": "00000000-3b5a-4638-8b01-3ddb93f974d0", "name": "recovery.txt" } ] Goal: Enable full export & import of attachment Export: Include attachments toggle. Reads files β Base64 + SHA-256 β JSON β encrypt. Limits: 10 MB/file, 50 MB total. Import: Decodes Base64, verifies sha256, restores to local storage.
Dotpwnpewpew 6 days ago
Additional Password fields per entry
Some times logins or apps can can have another password or pin so it would be nice to store this under the same entry
muspabotri 4 months ago
Additional Password fields per entry
Some times logins or apps can can have another password or pin so it would be nice to store this under the same entry
muspabotri 4 months ago
Per vault passwords also syncable between devices
So for example you can share a group of vaults and give selective access to them. Say you want family members to have access to your pearpass but only some of the vaults. Another way this might be solved is multiple master passwords each with a different profile and vaults etc
kikkarokki 5 months ago
Per vault passwords also syncable between devices
So for example you can share a group of vaults and give selective access to them. Say you want family members to have access to your pearpass but only some of the vaults. Another way this might be solved is multiple master passwords each with a different profile and vaults etc
kikkarokki 5 months ago
AppImage update mechanism
Introduce AppImage update mechanism, according to the request here https://github.com/tetherto/pearpass-app-desktop/issues/208
Costin Busioc about 1 month ago
AppImage update mechanism
Introduce AppImage update mechanism, according to the request here https://github.com/tetherto/pearpass-app-desktop/issues/208
Costin Busioc about 1 month ago
Mask Recovery Phrases
Treat the recovery phrase feature the same as passwords, mask them behind ****** and have a click-to-reveal option rather than immediately show in plain text.
userid6789 4 months ago
Mask Recovery Phrases
Treat the recovery phrase feature the same as passwords, mask them behind ****** and have a click-to-reveal option rather than immediately show in plain text.
userid6789 4 months ago