Everything stays on your device. Always.
What data we collect
โWe do not collect any personal data.
โWe do not collect usage data or analytics.
โWe do not collect crash reports or telemetry.
โWe do not use tracking pixels, cookies, or fingerprinting.
โWe do not have a server. There is no backend.
How your data is stored
All credentials you save are stored locally on your device inside Chrome's sandboxed extension storage. No data is ever transmitted over the network.
| Data | Where | When cleared |
|---|---|---|
| Encrypted credentials | chrome.storage.local |
When you delete them |
| Session key | chrome.storage.session |
When the browser closes |
| Master password | Never stored | Discarded immediately after key derivation |
Encryption
Credentials are encrypted using AES-256-GCM before being written to storage. The encryption key is derived from your master password using PBKDF2 with 100,000 iterations and SHA-256.
Your master password is never stored anywhere โ not in memory, not on disk, not on any server. Only you can decrypt your data.
Third parties
Password Saver has no third-party dependencies. It does not load any external scripts, fonts, images, or resources. It makes no network requests of any kind.
Permissions used
- storage โ to save encrypted credentials locally on your device.
- notifications โ to prompt you to save a password after a login form is submitted.
- <all_urls> โ to detect login forms and provide autofill on any website you visit. No page content is read or transmitted.
Contact
Questions? Reach out via ko-fi.com/ylamsaou.
Last updated: May 2026