BANK OF PASSWORDS: a secure Android password manager implemented based on specific requirements

Abstract

Passwords serve as a vital means to safeguard our digital accounts. Many individuals resort to conventional methods like writing down passwords on paper or storing them on cloud services, often overlooking security risks, forgetting, and divulging is the most notable, which leads to loss of access to accounts, or potential breaches. In this paper, we propose the development of an Android application named "BANK OF PASSWORD" to address this issue. Our work focuses on creating a lightweight app equipped with essential functionalities desired by users, including password addition, updating, copying, searching, and deletion. To ensure the security of stored passwords, our approach incorporates various protective measures, such as access restriction through a login process and the utilization of SHA256 hashing and AES256 encryption for password encryption, where stored passwords are securely encrypted and stored as ciphertexts within an SQLite database. A fingerprint authentication was implemented as a second login method. Extensive testing of the application demonstrates the successful functioning of all proposed features and requirements on devices running API level 26 or above.