Blackbox – A Minimal Password Manager

Video Demo:

---

Description

Blackbox is a minimalistic, single-user password manager built as the final project for Harvard’s CS50x course. It was designed with a sleek, black-and-white themed interface to deliver both simplicity and functionality. The app enables a user to securely store and manage passwords using Flask, SQLite, and AES encryption, wrapped in a clean Tailwind CSS styled frontend.

The motivation behind this project was to create a secure, lightweight alternative to bulky password managers—focusing on speed, minimalism, and privacy.

Key Features

• Single-user login system – Access is controlled by a single master key (no multi-user or signup).
• Encrypted password storage – Passwords are encrypted before being saved in the database and decrypted upon retrieval.
• Minimal dark-themed UI – Aesthetic and distraction-free design.
• Password CRUD (basic) – Add and delete stored passwords.
• Quick access button – A floating button (bottom-fixed) to add new credentials quickly.
• Page loading animation – Enhances UX by offering a polished, modern experience.

Future Enhancements

While the MVP includes only core features due to time constraints, the roadmap includes:

• Password update/edit functionality.
• Built-in password generator.
• Storage for API keys, crypto wallet recovery codes, and large text notes.
• Secure file storage.
• Multi-user support with separate vaults.

---

File Structure

project/
├─ static/              # Static files (CSS, JS, SVGs)
├─ templates/           # HTML templates (login.html, index.html, layout.html, apology.html, etc.)
├─ app.py               # Main Flask app with routes and logic
├─ blackbox.db          # SQLite database
│   ├─ credentials      # Stores encryption key
│   ├─ users            # Stores user ID + hashed master key
│   └─ vault_items      # Stores encrypted passwords + metadata (title, username, url, notes)
├─ helpers.py           # Utility functions (login_required, encryption/decryption)
├─ pin_hash_creation.py # Script to generate and store master pin hash
├─ requirements.txt     # Dependencies (Flask, cryptography, etc.)

---

Technologies Used

• Frontend: HTML, CSS, JavaScript, Tailwind CSS
• Backend: Python (Flask)
• Database: SQLite
• Security: Storing passwords in encrypted form, hashed master key

---

Tools Used

• Chatgpt: For UI design and debugging.
• duck duck go: A browser search engine for using the internet.
• CS50.dev: Cs50 codespace to develop project in.

---

How It Works

1. Authentication: User logs in with a master key (hashed and verified).
2. Vault Access: Once logged in, the user can view, add, or delete saved credentials.
3. Encryption: Before saving, passwords are encrypted using the stored key in the credentials table.
4. Decryption: When retrieved, they are decrypted in real-time for user display.
5. UI Interaction: A floating button triggers the form for adding new credentials.

---

Installation & Setup

1. Clone the repository:

   git clone <repo-url>
   cd blackbox

2. Install dependencies:

   pip install -r requirements.txt

3. Initialize the database (if not present).

4. Run the app:

   flask run

5. Open your browser at http://127.0.0.1:5000/

---

Demo Credentials

• Master Key: (Set during initial setup using pin_hash_creation.py).

---

License

This project was created as part of CS50x 2025. It is a learning project and not intended for production use. Security may not be industry-grade.

---

Author

Developed by S. Pratham – IT student, aspiring AI & software developer.