Why is it (almost) impossible to hack?
Zero-Knowledge & Offline
Most password breaches happen when a cloud server is hacked. PassMana has no servers. Your data
never leaves your PC. The database (vault.enc) is encrypted locally and decrypted
only in temporary RAM when you unlock the app.
Argon2id (Brute-Force Resistance)
Your Master Password is never used directly. It gets processed by Argon2id (the winner of the Password Hashing Competition) with incredibly high Memory and CPU costs. Even if a hacker stole your vault file and used a GPU farm to guess the password, it would take geological eras.
XChaCha20-Poly1305
Your data is sealed using XChaCha20-Poly1305 via the renowned libsodium library. It is a modern cipher, faster and more secure than classic AES-256, and completely immune to timing attacks.
The only ways to break it
The cryptography is mathematically perfect. Quantum computers are not yet a threat to 256-bit symmetric ciphers (like XChaCha20-Poly1305). The only weak link in the system is you or your operating environment. Here are the only three existing vulnerabilities:
1. Malware / Keyloggers on your PC
If your computer is infected with a trojan or an advanced keylogger, the hacker doesn't need to break the cryptography. They will simply record the keys you press while typing your Master Password, or dump the RAM while PassMana is unlocked. Solution: Keep your OS clean and only download software from trusted sources.
2. Social Engineering & Rubber-hose Cryptanalysis
The oldest hacking technique in the world. Someone could trick you (phishing), spy on you while typing (shoulder surfing), or in extreme scenarios, physically threaten you until you reveal it. Math cannot protect you from physical threats or mental deception.
3. A weak Master Password
If your password is "Password123" or your dog's name, Argon2id will protect you
for a bit, but a targeted dictionary attack will eventually find it in a few hours.
Solution: Use a Passphrase of 5 or more random words (e.g.
"Ocean-Eclipse-Copper-Vortex-Silicon").