STRONGSEC

Tracking since Apr 14, 2026.

Changelog

• May 4, 2026
  description

  STRONGSEC is a secure, modern password manager and generator built for real-world usage.
  
  🔐 Security First Approach
  • All passwords are encrypted locally using AES-GCM
  • Master password is never stored and is used to derive keys via PBKDF2
  • Vault remains locked with an auto-lock system and secure session handling
  • Encryption keys are stored only in memory (session-based) and never persisted in plain form
  
  🧠 Smart Autofill & Detection
  • Automatically detects login and signup forms
  • Context-aware system distinguishes between login and registration flows
  • Intelligent multi-account support for websites with multiple saved credentials
  • Works reliably even on modern SPA websites (React, Vue, etc.)
  
  ⚡ Password Management
  • Generate strong and unique passwords instantly
  • Automatically save newly created credentials after signup
  • Secure autofill for login forms
  • Inline UI suggestions directly on password fields
  
  🚨 Breach Detection (Have I Been Pwned)
  • Checks passwords using the Have I Been Pwned API
  • Uses k-anonymity model — your full password is never sent
  • Alerts users if a password has been exposed in known data breaches
  
  🛡️ Privacy First Design
  • All encryption and operations happen locally on your device
  • Your passwords never leave your browser
  • No servers, no cloud sync, no external storage
  • No tracking, no analytics, no data collection
  • Passwords are never stored in plain text
  
  STRONGSEC is designed for users who want a lightweight, privacy-focused and secure alternative to traditional password managers.

  STRONGSEC is a secure, modern password manager and generator built for real-world usage.
  
  🔐 Security First Approach
  • All passwords are encrypted locally using AES-GCM
  • Master password is never stored and is used to derive keys via PBKDF2
  • Vault remains protected with manual lock and secure session handling
  • By default, vault keys are kept in memory during the active session
  • Optional “Remember this device” mode keeps the vault unlocked on trusted personal devices until the user manually locks it
  • Plaintext passwords and the master password are never stored
  
  🧠 Smart Autofill & Detection
  • Automatically detects login and signup forms
  • Context-aware system distinguishes between login and registration flows
  • Intelligent multi-account support for websites with multiple saved credentials
  • Works reliably even on modern SPA websites (React, Vue, etc.)
  • Improved signup save suggestions for modern registration flows
  
  ⚡ Password Management
  • Generate strong and unique passwords instantly
  • Automatically save newly created credentials after signup
  • Secure autofill for login forms
  • Inline UI suggestions directly on password fields
  • Optional trusted-device unlock experience for smoother daily use
  
  🚨 Breach Detection (Have I Been Pwned)
  • Checks passwords using the Have I Been Pwned API
  • Uses k-anonymity model, so your full password is never sent
  • Alerts users if a password has been exposed in known data breaches
  
  🛡️ Privacy First Design
  • All password encryption and vault operations happen locally on your device
  • Your plaintext passwords never leave your browser
  • No servers, no cloud password storage, no account sync
  • No tracking, no analytics, no data collection
  • Passwords are never stored in plain text
  
  🔐 New in this update
  • Added optional “Remember this device” mode for trusted personal devices
  • Improved signup save suggestion reliability on modern websites
  • Fixed popup button layout and readability issues
  
  STRONGSEC is designed for users who want a lightweight, privacy-focused and secure alternative to traditional password managers.

Permissions & access

Permissions

storageactiveTabtabs

Host access

https://api.pwnedpasswords.com/*

Screenshots