NilPass

The only password manager that's truly impenetrable.

Get it here

How it works

Traditional password managers store strong, complex passwords, for all the different sites you use, in one single, secured location.

However, this single location also presents a single point of failure, and any weaknesses in it will put all your accounts at risk.

NilPass is different.

When setting up an account, NilPass creates a strong, complex password, which it enters directly, never revealing the password on-screen.

Then, once the password has been set and the user has been logged in, NilPass dutifully forgets the new password, completely and altogether.

The next time you need to log in, you do it by clicking "I forgot my password", getting a password reset link via email, and repeating the above steps.

Get NilPass

F. A. Q.

Seriously?

Yes.

Doesn't that mean anybody who gets into my email could break into my accounts?

Yes. That was already the case, whether you use NilPass or not. Without NilPass, they also could get in by guessing your password. All using NilPass does is reduce the number of ways you can get pwned.

What if somebody guesses the password that NilPass sets?

With 80 bits of cryptographic entropy (what NilPass uses by default), the odds of that are literally one in a million billion billion. If the NSA dedicated all of their code-cracking computer power just toward cracking your NilPass password, it would take them somewhere on the order of tens of thousands of years to find by brute force.

I know, 14 characters doesn't look like much, but exponents are tricky like that.

How can you call this "impenetrable" when it's just a browser extension?

Okay, I concede that the extension itself isn't truly impenetrable - it's only as "impenetrable" as the browser itself. On top of that, the account that publishes the extension could also potentially be compromised at some point in the future. These are valid points. (Of course, they're also points that are true for any other password manager with a browser extension.)

Where NilPass is impenetrable, in contrast to any conventional "password manager", is in what can happen to your existing passwords if the manager itself is compromised. Since NilPass keeps no data of any kind from which a password could be reconstructed, there is no way for your passwords to be stolen from NilPass after the fact, even if its codebase is compromised.

Some of my websites don't offer password reset by email, or if they do, it's really awkward.

Well, then don't use NilPass for those websites.

Look, I'm not saying this is the be-all-end-all of credential management. The truth is, there are some situations out there where it's fully justified to use an actual password - the kind that you actually memorize, and produce from memory every time you need to authenticate yourself.

The thing is, that's not every site - for the long tail of sites people use, where you're only logging in occasionally, maintaining a password is a nuisance, one that is fragile and error-prone. For sites like these, you're better off just disabling password access, and relying on your email inbox as your center of identity (especially since that's likely how the rest of your online life already works anyway, more or less).

But yeah, if you have a site that you log into frequently, and it's inconvenient to check your email every time, and you want it to be secure, you're better off just using a real password - one you keep in your head, not your computer. (That's not to say you have to memorize it by itself - there are lots of good mnemonic devices you could draw inspiration from. I recommend Hashblot.)