hotfix srry <3

V3 Is here! Here is the Changelog

• 1. Removed Glow,
• 1. Replaced SVG Icons,
• 1. Better encryption MD5 Hashes the SHA256 hash (double protection)
• 1. Fixed the double "lock" icon for the password autofill
• 1. Autofill passwords are more accurate now
• 1. Fixed some bugs with the cancel button not closing the popup
• 1. Can't highlight text/select text (makes it feel cleaner)
• 1. Centered icons fix
• 1. More XSS Sanitizating
• 1. Change some formatting/colors.

Removed a lot of notifications (useless),
Added better salting / Encryption
Fixed dupes for autofill

v1.06 :D

• We fixed the auto fill password system and duplicated lock icons for the auto fill.
• Added new features for example: when you login into a new site that you don't have a password for it asks if you want to save it and you can update this password the same way :D

Sneak Peak Features:

Sync - Syncing passwords through devices via WiFi with secure codes. :D

Encryption and Security Fixes Summary

PBKDF2 Key Derivation
We replaced plain SHA-256 hashing with PBKDF2 using SHA-256. This applies thousands of iterations to the master password before generating an encryption key, which makes brute-force attacks far more difficult.

AES-GCM Vault Encryption
All stored passwords in the vault are now encrypted using AES-256-GCM. This provides both confidentiality (data cannot be read without the key) and integrity (modifications can be detected).

Unique Salts and Nonces
A random salt is generated for PBKDF2 and a random nonce (IV) is generated for AES-GCM during encryption. This ensures that even if two users set the same master password, their derived keys and encrypted vaults are different.

Secure Storage
The derived encryption key is never stored. Only the salt, nonce, and ciphertext are saved in browser.storage.local. This means that even if the storage is extracted, the vault cannot be decrypted without the correct master password.

Stronger Verification
During login, the master password is passed through PBKDF2 with the stored salt to re-derive the encryption key. That key is then used to attempt AES-GCM decryption of the vault. If decryption succeeds, the password is correct. If it fails, login is denied.

Fixed a lot of bugs, Password Imports not working, Autofill not filling, themes that suck and yea

I removed emojis because they looked cringe and yea ugly not gonna lie.