AliasVault

Live demo 🔥 • Website 🌐 • Documentation 📚 • Installation ⚙️

Open-source password and alias manager

AliasVault is an open-source password and alias manager built with C# ASP.NET technology. AliasVault can be self-hosted on your own server with Docker, providing a secure and private solution for managing your online identities and passwords.

What makes AliasVault unique:

• Zero-knowledge architecture: All data is end-to-end encrypted on the client and stored in encrypted state on the server. Your master password never leaves your device and the server never has access to your data.
• Built-in email server: AliasVault includes its own email server that allows you to generate virtual email addresses for each alias. Emails sent to these addresses are instantly visible in the AliasVault app.
• Alias generation: Generate aliases and assign them to a website, allowing you to use different email addresses and usernames for each website. Keeping your online identities separate and secure, making it harder for bad actors to link your accounts.
• Open-source: The source code is available on GitHub and can be self-hosted on your own server.

Note: AliasVault is currently in active development and some features may not yet have been (fully) implemented. If you run into any issues, please create an issue on GitHub.

Live demo

A live demo of the app is available at the official website at app.aliasvault.net (up-to-date with main branch). You can create a free account to try it out yourself.

Installation

To install AliasVault, the easiest method is to use the provided install script. This will download the pre-built Docker images and start the containers.

1. Install using install script

This method uses pre-built Docker images and works on minimal hardware specifications:

• Linux VM with root access (Ubuntu or RHEL based distros recommended)
• 1 vCPU
• 512MB RAM
• 16GB disk space
• Docker installed

# Download install script
curl -o install.sh https://raw.githubusercontent.com/lanedirt/AliasVault/main/install.sh

# Make install script executable and run it. This will create the .env file, pull the Docker images, and start the AliasVault containers.
chmod +x install.sh
./install.sh install

2. Post-Installation

The install script will output the URL where the app is available. By default this is:

• Client: https://localhost
• Admin portal: https://localhost/admin

Note: If you want to change the default AliasVault ports you can do so in the docker-compose.yml file for the nginx (reverse-proxy) container.

Detailed documentation

For more detailed information about the installation process and other topics, please see the official documentation website:

• Documentation website (docs.aliasvault.net) 📚

Here you can also find step-by-step instructions on how to install AliasVault to e.g. Azure, AWS and other popular cloud providers.

Security Architecture

AliasVault takes security seriously and implements various measures to protect your data:

• All sensitive user data is encrypted end-to-end using industry-standard encryption algorithms. This includes the complete vault contents and all received emails.
• Your master password never leaves your device.
• Zero-knowledge architecture ensures the server never has access to your unencrypted data

For detailed information about our encryption implementation and security architecture, see the following documents:

• SECURITY.md
• Security Architecture Diagram

Tech stack / credits

The following technologies, frameworks and libraries are used in this project:

• C# - A simple, modern, object-oriented, and type-safe programming language.
• ASP.NET Core - An open-source framework for building modern, cloud-based, internet-connected applications.
• Entity Framework Core - A lightweight, extensible, open-source and cross-platform version of the popular Entity Framework data access technology.
• Blazor WASM - A framework for building interactive web UIs using C# instead of JavaScript. It's a single-page app framework that runs in the browser via WebAssembly.
• Playwright - A Node.js library to automate Chromium, Firefox and WebKit with a single API. Used for end-to-end testing.
• Docker - A platform for building, sharing, and running containerized applications.
• SQLite - A C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine.
• Tailwind CSS - A utility-first CSS framework for rapidly building custom designs.
• Flowbite - A free and open-source UI component library based on Tailwind CSS.
• Konscious.Security.Cryptography - A .NET library that implements Argon2id, a memory-hard password hashing algorithm.
• SRP.net - SRP6a Secure Remote Password protocol for secure password authentication.
• SmtpServer - A SMTP server library for .NET that is used for the virtual email address feature.
• MimeKit - A .NET MIME creation and parser library used for the virtual email address feature.