# lesspass/lesspass **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/lesspass-lesspass).** 6,030 stars · 356 forks · TypeScript · GPL-3.0 ## Links - GitHub: https://github.com/lesspass/lesspass - Homepage: https://www.lesspass.com - awesome-repositories: https://awesome-repositories.com/repository/lesspass-lesspass.md ## Topics `anonymous` `lesspass` `password` `password-manager` `passwords` `privacy` `self-hosted` ## Description LessPass is a stateless password manager that generates deterministic, site-specific passwords entirely on the client device. It uses a pure function to derive passwords from a master password combined with site details, producing the same output every time without storing any secrets on a server or requiring network access. This approach means passwords can be recalculated on any device from remembered inputs, with no database synchronization needed. The project distinguishes itself through its counter-based password rotation, which allows changing a site's password by incrementing a counter while keeping the master password unchanged. It provides cross-platform client applications including a web interface, browser extensions, and an Android app, all performing password derivation locally. Users can save complex password profiles that store site-specific rules like character types and length, excluding the master password, to reuse settings across sessions without re-entering details. For those who prefer full data control, LessPass supports self-hosted deployment of the password profile database using Docker and Docker Compose. The documentation covers installation through these client applications and the self-hosting setup. ## Tags ### Security & Cryptography - [Stateless Password Managers](https://awesome-repositories.com/f/security-cryptography/password-management/stateless-password-managers.md) — Generates and manages passwords using deterministic derivation without storing any secrets on a server or device. - [Offline](https://awesome-repositories.com/f/security-cryptography/password-generators/offline.md) — Creates passwords entirely on the device without requiring a network connection or database synchronization. ([source](https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4)) - [Deterministic Derivations](https://awesome-repositories.com/f/security-cryptography/password-management/deterministic-derivations.md) — Recreates a password on demand from remembered inputs without needing to sync or store any password data. ([source](https://blog.lesspass.com/lesspass-comment-%C3%A7a-marche-9f1201fffda5)) - [Deterministic Derivations](https://awesome-repositories.com/f/security-cryptography/password-management/key-derivation-functions/deterministic-derivations.md) — Implements deterministic password derivation using a pure function that produces the same output from the same inputs. - [Offline](https://awesome-repositories.com/f/security-cryptography/password-management/key-derivation-functions/offline.md) — Derives passwords entirely on the device without requiring network access or database synchronization. - [Site-Specific Password Managers](https://awesome-repositories.com/f/security-cryptography/password-management/site-specific-password-managers.md) — Creates deterministic, unique passwords for each website using a master password and site identifier. ([source](https://blog.lesspass.com/lesspass-comment-%C3%A7a-marche-9f1201fffda5)) - [Counter-Based Rotations](https://awesome-repositories.com/f/security-cryptography/password-management/site-specific-password-managers/counter-based-rotations.md) — Provides counter-based password rotation that generates new passwords without changing the master password. - [Customizable Generations](https://awesome-repositories.com/f/security-cryptography/password-management/site-specific-password-managers/customizable-generations.md) — Applies site-specific constraints like character types and length to the generated password. ([source](https://blog.lesspass.com/lesspass-come-funziona-5d1785b4a564)) - [Deterministic Derivations](https://awesome-repositories.com/f/security-cryptography/public-key-authentication/public-key-retrieval/public-key-derivations/password-derived-key-generation/deterministic-derivations.md) — Recreates the same password on any device without network access by using a pure function. ([source](https://blog.lesspass.com/lesspass-come-funziona-5d1785b4a564)) - [Offline](https://awesome-repositories.com/f/security-cryptography/secure-randomizers/password-generators/offline.md) — Generates passwords entirely on the client device without any network connection or database synchronization. ([source](https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4)) - [Counter-Based Rotations](https://awesome-repositories.com/f/security-cryptography/session-management/inactivity-session-termination/master-password-locks/counter-based-rotations.md) — Changes a site's password by incrementing a counter in the generation options, producing a different result. ([source](https://blog.lesspass.com/lesspass-come-funziona-5d1785b4a564)) - [Counter-Based Rotations](https://awesome-repositories.com/f/security-cryptography/user-account-management/password-resets/idor-in-password-changes/password-changes/counter-based-rotations.md) — Increments a counter in the password profile to generate a new, unique password for the same site and login. ([source](https://blog.lesspass.com/lesspass-come-funziona-5d1785b4a564)) - [Password Access Restrictions](https://awesome-repositories.com/f/security-cryptography/domain-access-restrictions/request-access-restrictions/password-access-restrictions.md) — Provides password access through a web interface, browser extensions, and an Android app without syncing. ([source](https://blog.lesspass.com/lesspass-comment-%C3%A7a-marche-9f1201fffda5)) - [Cross-Device Password Access](https://awesome-repositories.com/f/security-cryptography/domain-access-restrictions/request-access-restrictions/password-access-restrictions/cross-device-password-access.md) — Retrieves passwords across web, browser, and mobile clients without syncing or network dependency. - [Counter-Based Password Rotations](https://awesome-repositories.com/f/security-cryptography/password-management/site-specific-password-managers/counter-based-password-rotations.md) — Increments a counter to generate a new password for a site without changing the master password. ([source](https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4)) - [Password Profile Stores](https://awesome-repositories.com/f/security-cryptography/password-management/site-specific-password-managers/password-profile-stores.md) — Stores a password's profile, excluding the master password, to handle sites with specific character or length requirements. ([source](https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4)) - [Profile-Based Configurations](https://awesome-repositories.com/f/security-cryptography/password-management/site-specific-password-managers/profile-based-configurations.md) — Stores site-specific password rules like length and character types to reuse them without re-entering details. ([source](https://blog.lesspass.com/lesspass-how-it-works-dde742dd18a4)) - [Profile-Based Configurations](https://awesome-repositories.com/f/security-cryptography/secure-randomizers/password-generators/profile-based-configurations.md) — Saves password generation settings excluding the master password to reuse rules across sessions. ([source](https://blog.lesspass.com/lesspass-wie-funktioniert-das-9483e5fc2c09)) - [Counter-Based Password Rotations](https://awesome-repositories.com/f/security-cryptography/user-account-management/password-resets/idor-in-password-changes/password-changes/counter-based-password-rotations.md) — Increments a counter in the password options to generate a new password while keeping the master password unchanged. ([source](https://blog.lesspass.com/lesspass-comment-%C3%A7a-marche-9f1201fffda5)) ### Business & Productivity Software - [Cross-Platform Applications](https://awesome-repositories.com/f/business-productivity-software/cross-platform-applications.md) — Ships cross-platform client applications including a web interface, browser extensions, and an Android app. ### Software Engineering & Architecture - [Client-Side Computations](https://awesome-repositories.com/f/software-engineering-architecture/stateless-architectures/client-side-computations.md) — Derives passwords entirely on the client device without requiring network access or database synchronization. ### Part of an Awesome List - [Profile-Based Configurations](https://awesome-repositories.com/f/awesome-lists/security/password-cracking/rule-based-password-crackers/profile-based-configurations.md) — Stores password generation settings excluding the master password to reuse rules across sessions. - [Password Managers](https://awesome-repositories.com/f/awesome-lists/security/password-managers.md) — Stateless password manager for secure credential generation. ### Networking & Communication - [Cross-Platform Password Clients](https://awesome-repositories.com/f/networking-communication/cross-platform-clients/cross-platform-password-clients.md) — Provides a web interface, browser extensions, and an Android app for password access without syncing.