International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 12 Issue: 11 | Nov 2025
p-ISSN: 2395-0072
www.irjet.net
CypherVault: A Comprehensive Security Framework for Password Management Using Multi-Tier Encryption and Firebase Authentication

Aditya Chavan¹, Pavan Dhote², Dhanshree Dhanwai³

¹Aditya Chavan, Vishwakarma Institute of Technology, Pune, Maharashtra
²Pavan Dhote, Vishwakarma Institute of Technology, Pune, Maharashtra
³Dhanshree Dhanwai, Vishwakarma Institute of Technology, Pune, Maharashtra

Abstract - Password protection remains the most critical security concern in current digital environments, since over 90% of data breaches involve compromised passwords. This article presents CypherVault, the first multi-layer password management system that brings together Advanced Encryption Standard (AES-256) encryption with Firebase Authentication services to provide enterprise-class security for password storage and management. Our solution mitigates inherent weaknesses in current password management systems through a three-tier security framework: Core Security (Tier 1), using simple AES-256 encryption and secure hashing; Enhanced Security (Tier 2), with two-factor authentication and breach detection; and Elite Security (Tier 3), with biometric authentication and hardware-based security keys. The system architecture employs React TypeScript for the frontend and Firebase Firestore for database management, and uses client-side encryption to follow zero-knowledge security practices. Performance testing shows that CypherVault provides 99.7% uptime with response times under 200 ms for password retrieval actions while meeting cryptographic security standards. Security testing shows resistance against typical attack vectors such as brute-force attacks, rainbow table attacks, and man-in-the-middle attacks. The architecture accommodates cross-platform deployment with responsive design patterns and provides end-to-end audit logging to meet compliance needs. User experience testing results in 89% user satisfaction with the user interface design and 94% confidence in security controls. The implementation shows that contemporary web technologies can successfully provide enterprise-class password security with no impact on usability or performance.

Key Words: AES encryption, Firebase authentication, password management, React TypeScript, web security

1. INTRODUCTION

In the modern cybersecurity environment, password compromise is the single greatest source of account takeovers and enterprise data breaches. Even with several encryption standards and password managers having been available since the early 2000s, real-world breaches, like LastPass and Bitwarden, have revealed architectural vulnerabilities, centralization issues, and inadequate encryption key management practices. Users frequently cannot distinguish secure password managers from generic ones, and uptake is low because of negative perceptions about usability and trust.

CypherVault is envisioned as a futuristic, modular, and very secure password storage system that breaks away from traditional architectures. It comes with a three-layer modular security architecture in which the user can select the amount of security needed, from basic secret storage to military-level identity protection with hardware and biometric key authentication. This approach lets both casual and experienced users increase security in accordance with changing threat models. CypherVault achieves backend agnosticism through client-side encryption, uses a cryptographic salt, PBKDF2-HMAC key derivation, and AES-256 encryption, and is in compliance with the NIST and OWASP security protocols. This paper describes each step of CypherVault, from system design and encryption pipeline architecture to UI testing, user behavior analysis, and cryptographic benchmarking. Our framework shows that client-side security can surpass conventional server-side password managers in terms of data isolation and attack surface reduction.

2. LITERATURE REVIEW

A. Gautam, T.K. Yadav, K. Seamons, and S. Ruoti [1] have published "Passwords Are Meant to Be Secret: A Practical Secure Password Entry Channel for Web Browsers". The paper examines current browser password managers and points out the weaknesses of password autofill, where page scripts or extensions can capture credentials. The authors show that 97% of the Alexa top 1,000 websites are vulnerable to password theft after autofill. They suggest a defense in which the browser autofills dummy credentials that are overwritten with the real user input only immediately before network transmission, thereby defending against most automated extraction attacks.
© 2025, IRJET | Impact Factor value: 8.315 | ISO 9001:2008 Certified Journal | Page 301
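The client-side pipeline named in the introduction (cryptographic salt, PBKDF2-HMAC key derivation, AES-256 encryption) can be sketched as follows. This is an added example, not code from the paper or from CypherVault: it runs on Node.js rather than in a browser, and the GCM mode, SHA-256 PRF, iteration count, salt and nonce sizes, and all function and field names are assumptions.

```javascript
// Added example: client-side vault encryption with salt -> PBKDF2-HMAC -> AES-256.
// Assumptions (not from the paper): GCM mode, SHA-256 PRF, 600,000 iterations,
// 16-byte salt, 12-byte nonce, and every function and field name below.
const nodeCrypto = require("node:crypto");

const KDF_ITERATIONS = 600000; // assumed work factor

// Derive a 256-bit key from the master password; the key never leaves the client.
function deriveKey(masterPassword, salt, iterations = KDF_ITERATIONS) {
  return nodeCrypto.pbkdf2Sync(masterPassword, salt, iterations, 32, "sha256");
}

// Encrypt one vault entry. Only the returned record would be sent to the backend.
function encryptEntry(masterPassword, entryId, plaintext, iterations = KDF_ITERATIONS) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12); // must be unique per encryption under one key
  const key = deriveKey(masterPassword, salt, iterations);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(Buffer.from(entryId, "utf8")); // binds the ciphertext to its entry id
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return {
    entryId, iterations,
    salt: salt.toString("base64"),
    iv: iv.toString("base64"),
    ct: ct.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
  };
}

// Decrypt a record; returns null when the password is wrong or the record
// was modified or moved to another entry id (the GCM tag check fails).
function decryptEntry(masterPassword, record) {
  const key = deriveKey(masterPassword, Buffer.from(record.salt, "base64"), record.iterations);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, Buffer.from(record.iv, "base64"));
  decipher.setAAD(Buffer.from(record.entryId, "utf8"));
  decipher.setAuthTag(Buffer.from(record.tag, "base64"));
  try {
    const pt = Buffer.concat([decipher.update(Buffer.from(record.ct, "base64")), decipher.final()]);
    return pt.toString("utf8");
  } catch (err) {
    return null;
  }
}

// Constructed sample values, not real credentials.
const sample = encryptEntry("correct horse battery staple", "entry-001", "s3cr3t-site-password");
console.log(Object.keys(sample).join(","), decryptEntry("correct horse battery staple", sample));
```

The stored record holds only the salt, nonce, iteration count, ciphertext and tag, so a backend that never receives the master password cannot recover the entry.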