Transform memorable objects and photos into complex, cryptographically secure passwords. Your passwords come from your things—hence, Passthing. No master password to remember.
Select any physical object or choose a photo from your library. It could be your coffee mug, a book cover, or a plant.
Frame your object in the viewfinder and capture multiple samples. Passthing generates a unique password based on the visual signature.
When you need your password, simply point your camera at the same object or select the same photo. Your password is instantly retrieved and copied.
Advanced DCT-based perceptual hashing creates consistent signatures even with lighting or angle variations in camera mode.
Image mode uses SHA-256 cryptographic hashing for exact-match security. Only the exact same image file will work.
All data stays on your device. No internet required. No accounts. No data collection. Complete privacy.
Fine-tune matching sensitivity in camera mode. Balance convenience with security based on your needs.
Passthing isn't trying to replace traditional password managers—it's a fundamentally different philosophy. Use it alongside your existing manager. If you need autofill, cloud sync, and access from anywhere, traditional managers are great. But if you want to add a zero-storage, zero-cloud solution where physical objects are your keys, Passthing is for you.
Perceptual hashing is a technique that creates a "fingerprint" of an image based on its visual content rather than its exact pixels. Unlike traditional cryptographic hashes (where changing a single pixel completely changes the hash), perceptual hashes remain similar for images that look similar to the human eye.
Passthing uses DCT-based (Discrete Cosine Transform) perceptual hashing in Camera mode. When you capture your passthing, the image is downsampled to 32×32 pixels, converted to grayscale, and analyzed to extract visual patterns. This creates a 1,024-bit signature that stays consistent even when lighting changes, angles shift slightly, or the camera is different.
The result: You can point your iPhone at your coffee mug today and your iPad at the same mug tomorrow, and Passthing will recognize it as the same object—even though the exact pixels are different. This is what makes Camera mode practical for everyday use.
Passthing uses proven cryptography (HMAC-SHA256, HKDF) to generate passwords deterministically from visual signatures. Your device secret never leaves your device, and passwords are generated on-demand—they don't exist in storage.
Security depends on your choices: Camera mode relies on perceptual hashing (Hamming distance matching with adjustable thresholds), so security depends on choosing visually unique objects. Image mode uses SHA-256 cryptographic hashing—security depends on library size and unpredictable image selection.
Passthing's security model is different from traditional password managers. To generate your passwords, an attacker needs your unlocked device AND knowledge of which objects are your passthings AND what those objects are passthings for AND how you framed them.
Both are secure with different tradeoffs. Camera mode uses perceptual hashing with adjustable strictness—more forgiving but depends on object uniqueness. Image mode uses cryptographic hashing requiring exact file matches—security depends on library size and unpredictable selection.
Passthing offers two backup methods to recover your enrollments on a new device:
Both methods are accessible from Settings → Backup & Recovery. Without a backup, your passwords are only accessible through your device and physical objects, so creating backups is highly recommended.
Yes, but there's no automatic cloud sync. Instead, Passthing offers two manual methods (both in Settings → Backup & Recovery):
No cloud sync means complete privacy—your data never leaves your control.
Absolutely! Many users keep Passthing for their most critical accounts (email, banking, master passwords) while using traditional managers for everyday logins. It's a great hybrid approach—use physics-based security for what matters most.
In Camera mode, Passthing generates a 32×32 perceptual hash (1,024 bits) from your passthing. Security depends on three key factors:
The ROI zoom control helps when switching between devices with different cameras—not for security tuning. Focus on choosing unique, textured objects for the strongest security.
There's no limit. Create as many passthings as you need for different accounts and services.
Unfortunately, nothing can be done. Passthing generates passwords from your physical objects—no backup, no recovery, no "forgot password" link. If you lose your passthing, you lose access to that password. Some things aren't meant to last forever.
This is by design. The password is mathematically derived from your passthing and device secret. Without the passthing, the password cannot be recreated. Consider backing up important account recovery codes separately, or use multiple passthings for critical accounts.