GPASS: A Password Manager with Group-Based Access Control

Thanh Bui, Tuomas Aura

Research output: Chapter in Book/Report/Conference proceedingChapterScientificpeer-review

1 Citation (Scopus)


Password managers make it easy for users to choose stronger and more random passwords without the burden of memorizing them. While the majority of our passwords should be kept secret, sharing passwords and access codes is necessary in some cases. In this paper, we present GPASS—a password manager architecture that allows groups to share passwords via an untrusted server. GPASS provides its own cryptographic access control mechanism in which all the information is transparent to the clients so that they can detect any misbehavior of the server. We implemented a proof-of-concept prototype to demonstrate the feasibility and effectiveness of the architecture.
Original languageEnglish
Title of host publicationSecure IT Systems
Subtitle of host publication22nd Nordic Conference, NordSec 2017, Tartu, Estonia, November 8–10, 2017, Proceedings
EditorsHelger Lipmaa, Aikaterini Mitrokotsa, Raimundas Matulevičius
Place of PublicationCham
Number of pages16
ISBN (Electronic)978-3-319-70290-2
ISBN (Print)978-3-319-70289-6
Publication statusPublished - 2017
MoE publication typeA3 Book section, Chapters in research books
EventNordic Conference on Secure IT Systems - Tartu, Estonia
Duration: 8 Nov 201710 Nov 2017
Conference number: 22

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceNordic Conference on Secure IT Systems
Abbreviated titleNordSec


Dive into the research topics of 'GPASS: A Password Manager with Group-Based Access Control'. Together they form a unique fingerprint.

Cite this