-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
c917bf0
commit 771da30
Showing
1 changed file
with
102 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,102 @@ | ||
| <!DOCTYPE html> | ||
| <html lang="en"> | ||
| <head> | ||
| <meta charset="UTF-8"> | ||
| <meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
| <title>Security Policy - PasswordSentinel</title> | ||
| <link href="https://fonts.googleapis.com/css2?family=PT+Serif:wght@400;700&display=swap" rel="stylesheet"> | ||
| <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css"> | ||
| <link rel="stylesheet" href="/policies/policies-styles.css"> | ||
| </head> | ||
| <body> | ||
| <header> | ||
| <div class="header-container"> | ||
| <div class="header-nav"> | ||
| <a href="/index.html" class="back-button"> | ||
| <i class="fas fa-arrow-left"></i> Back | ||
| </a> | ||
| </div> | ||
| <div class="header-logo"> | ||
| <a href="/index.html">PasswordSentinel</a> | ||
| </div> | ||
| </div> | ||
| </header> | ||
|
|
||
| <main> | ||
| <h1>PasswordSentinel's Security Policy</h1> | ||
|
|
||
| <section class="policy-section"> | ||
| <h2><i class="fas fa-shield-alt"></i> Disclaimer: Use at Your Own Risk</h2> | ||
| <p>PasswordSentinel is a locally-run, open-source tool designed for personal use. Since this web application operates only on your device, PasswordSentinel cannot guarantee the security of your data beyond local storage. By using this tool, you accept full responsibility for any risks associated with its usage. PasswordSentinel is provided "as is," with no warranty or liability for data loss, breaches, or misuse.</p> | ||
| </section> | ||
|
|
||
| <section class="policy-section"> | ||
| <h2><i class="fas fa-lock"></i> Key Security Features</h2> | ||
| <div class="security-features"> | ||
| <div class="feature-card"> | ||
| <h3>AES-GCM 256-bit Encryption</h3> | ||
| <p>We use industry-standard encryption to secure your data, ensuring it remains unreadable even if intercepted.</p> | ||
| </div> | ||
| <div class="feature-card"> | ||
| <h3>Local Storage Only</h3> | ||
| <p>Your data never leaves your device, providing an additional layer of security and privacy.</p> | ||
| </div> | ||
| <div class="feature-card"> | ||
| <h3>Secure Key Generation</h3> | ||
| <p>We use the Web Crypto API to generate cryptographically secure keys for your data.</p> | ||
| </div> | ||
| <div class="feature-card"> | ||
| <h3>Zero-Knowledge Architecture</h3> | ||
| <p>We have no access to your passwords or encryption keys, ensuring complete privacy.</p> | ||
| </div> | ||
| </div> | ||
| </section> | ||
|
|
||
| <div class="policy-grid"> | ||
| <section class="policy-section"> | ||
| <h2><i class="fas fa-user-shield"></i> User Responsibilities</h2> | ||
| <p class="grid-subtitle">To enhance your security while using PasswordSentinel, please follow these best practices:</p> | ||
| <ul> | ||
| <li>Use a strong, unique master password</li> | ||
| <li>Keep your device secure and up-to-date</li> | ||
| <li>Regularly update your passwords and security settings</li> | ||
| <li>Be cautious of phishing attempts and suspicious links</li> | ||
| </ul> | ||
| </section> | ||
|
|
||
| <section class="policy-section"> | ||
| <h2><i class="fas fa-sync-alt"></i> Continuous Improvement</h2> | ||
| <p class="grid-subtitle">While we aim to improve security where feasible, please note that this is a community-driven project:</p> | ||
| <ul> | ||
| <li>Regular security audits and penetration testing are not conducted</li> | ||
| <li>We strive to stay informed of the latest security best practices</li> | ||
| <li>Vulnerabilities, when reported, are addressed transparently</li> | ||
| <li>Transparent communication about security updates and changes</li> | ||
| </ul> | ||
| </section> | ||
| </div> | ||
|
|
||
| <div class="policy-grid"> | ||
| <section class="policy-section"> | ||
| <h2><i class="fas fa-sync-alt"></i>Open Source</h2> | ||
| <p class="grid-subtitle">This project is open-source and relies on community support. While we strive to maintain best practices, please note:</p> | ||
| <ul> | ||
| <li>No formal security audits or penetration testing are conducted</li> | ||
| <li>We encourage users to review and suggest security improvements</li> | ||
| <li>Issues can be reported, but users should exercise caution as official support is limited</li> | ||
| <li>Updates and changes are communicated transparently through the open-source community</li> | ||
| </ul> | ||
| </section> | ||
|
|
||
| <section class="policy-section"> | ||
| <h2><i class="fas fa-question-circle"></i> Security FAQs</h2> | ||
| <ul> | ||
| <li><strong>Is my data stored on your servers?</strong> No, all data is stored locally on your device, and does not store or transmit any data to external servers.</li> | ||
| <li><strong>What happens in the event of a security issue?</strong> Since PasswordSentinel is an open-source project and locally operated, there is no dedicated support team for handling breaches. Use this tool at your discretion.</li> | ||
| <li><strong>Can I request a security audit?</strong> As this is a community-supported project, no formal security audits are conducted. However, the source code is openly available for review.</li> | ||
| </ul> | ||
| </section> | ||
| </div> | ||
| </main> | ||
| </body> | ||
| </html> |