Webful PasswordMaker

An app.

Makes secure, unique-per-site passwords.

Uses this established, portable protocol.

Works offline. No central database to get hacked. Good for these reasons.

Free. Open source. Available now.

Get it on Google Play

Beta versions

By getting the next version of the app early, you can help make it better.

You'll get all the latest features. And all the latest bugs. :)

Opt in for Android here or iOS here.

Getting Your Settings Right

You should check out the Settings before using the app for all your passwords, as it's a bit messy to change them later.

Here's what they do:

What's Advanced Mode?

The Enabled Advanced Settings button at the bottom of Settings gives you extra control over your password generation, but also makes the app more complicated.

Because it adds rules that can't work in the simpler, default mode, the change is permanent, so you should review this section and see if you'll use the extra features before you switch.

When you opt in

You won't lose your existing settings if you saved them before. The app will migrate your existing settings to an initial Profile. You'll see that most settings no longer live on the main Settings page, and can instead be managed by opening the Default Profile.


The most noticeable difference in Advanced mode is that you can have multiple independent password profiles. For example, you could have one set of rules for Sites requiring numbers or one for Ticketing.

You can rename or change your Default profile and add more. Once you have other Profiles you can delete the original Default too.

You can see and choose which Profile is in use each time you generate a password from the app's main screen.

Additional generate options

Advanced mode also adds most options you may see in other PasswordMaker protocol extensions and apps. Username & modifier are folded into a single option as explained on the Profile edit page. If you'd like more explanation of an Advanced setting here, please email passwordmaker@webful.uk.

What About Desktop?

Because the Webful app follows the existing PasswordMaker protocol, you've got options outside the mobile world too, including desktop browser extensions for Firefox and Chrome. There will probably be a web version of the app soon too, similar to this but with the modern interface of the Webful mobile app.


The PasswordMaker app sends no data to our servers, or anyone else's, except as required by your phone vendor and to attempt to* move your preferences (not any passwords) if you change device.

As the password making is deterministic we don't actually need a server, so nothing sensitive leaves your phone.

There are no accounts and nothing tracking your usage.

*This is a new feature, no promises


I'd love to hear your thoughts! Please email passwordmaker@webful.uk