PROJECT SYNOPSIS
BANKSHIELD
Secure Password Manager & Protection System
Academic Year 2024–25 | Python Project
Project Title: BankShield – Secure Password Manager & Protection System
Language / Tech: Python 3.8+ | cryptography library | Tkinter GUI
Group Members
Sr. | Name | SAP ID
1 | Nabhansh Rishi Gaur | 590028370
2 | Yatharth Joshi | 590028339
3 | Kumar Parth | 590028277
4 | Jatin Singh | 5900 (to be updated)
Brief Point-Wise Introduction
• The project aims to build a Python-based secure password manager called BankShield that
allows users to store, manage, and protect their passwords using bank-grade encryption.
• All stored passwords are encrypted using AES-256 via the Fernet symmetric encryption
scheme from Python’s cryptography library, ensuring no plaintext data is ever written to disk.
• A master password mechanism is implemented using PBKDF2-HMAC-SHA256 key derivation
with 480,000 iterations and a random 32-byte salt, providing strong resistance against
brute-force attacks.
• The system includes a built-in Password Strength Analyzer that evaluates passwords based on
length, character diversity, entropy, and checks against a list of commonly-used passwords.
• A cryptographically secure Password Generator is provided that creates random passwords or
human-friendly passphrases using Python’s secrets module.
• A Security Audit feature scans the entire vault to detect weak passwords, reused passwords
across multiple sites, and passwords that have not been changed in over 180 days.
• At the final stage, a Graphical User Interface (GUI) using Tkinter will be integrated to make the
system more accessible and user-friendly.
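The Security Audit described above, sketched as an added example (not BankShield's own code): it flags weak, reused, and stale entries in an already-decrypted in-memory vault and reports site names only, never passwords. The entry fields, MIN_LENGTH, the short COMMON list and the sample vault are assumptions made for illustration; the weak-password check is simplified and omits the entropy estimate.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(days=180)   # "not changed in over 180 days" (from the synopsis)
MIN_LENGTH = 12                 # assumed policy value, not stated in the synopsis
COMMON = {"password", "123456", "qwerty", "letmein"}  # constructed stand-in list


def is_weak(password: str) -> bool:
    """Weak if commonly used, too short, or using fewer than three character classes."""
    classes = sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])
    return password.lower() in COMMON or len(password) < MIN_LENGTH or classes < 3


def audit(entries, now):
    """Return site names per finding; the report itself never holds a password."""
    sites_by_password = defaultdict(list)   # local only, discarded on return
    report = {"weak": [], "reused": [], "stale": []}
    for entry in entries:
        sites_by_password[entry["password"]].append(entry["site"])
        if is_weak(entry["password"]):
            report["weak"].append(entry["site"])
        # Strictly greater than: an entry changed exactly 180 days ago passes.
        if now - entry["changed"] > MAX_AGE:
            report["stale"].append(entry["site"])
    # Each group lists the sites that share one password.
    report["reused"] = sorted(
        sorted(sites) for sites in sites_by_password.values() if len(sites) > 1
    )
    return report


# Constructed sample vault (hypothetical sites and passwords, not real data).
NOW = datetime(2025, 3, 1, tzinfo=timezone.utc)
SAMPLE = [
    {"site": "bank.example", "password": "Tr0ub4dor&3-horse", "changed": NOW - timedelta(days=10)},
    {"site": "mail.example", "password": "Tr0ub4dor&3-horse", "changed": NOW - timedelta(days=200)},
    {"site": "forum.example", "password": "qwerty", "changed": NOW - timedelta(days=181)},
    {"site": "shop.example", "password": "x9#Lm2!vQp7$Zr", "changed": NOW - timedelta(days=180)},
]

if __name__ == "__main__":
    for finding, sites in audit(SAMPLE, NOW).items():
        print(f"{finding}: {sites}")
```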
Situations or Scenarios the Project Will Cover
• A first-time user sets up a new encrypted vault by creating a strong master password; the
system enforces minimum strength requirements before allowing vault creation.
• A returning user authenticates with their master password; after 3 consecutive failed attempts,
the system locks out and exits to prevent brute-force access.
• A user adds a new entry (site, username, password, category, URL, notes); if they leave the
password blank, the system auto-generates a secure one of their chosen length.
• A user runs the Security Audit and discovers 3 weak passwords and 2 reused passwords
across different sites, then updates them using the built-in generator.
• A user searches the vault for a specific site name and views the entry detail screen, where the
password is hidden by default and can be temporarily revealed on demand.
• A user changes their master password; the system re-encrypts the entire vault under the new
key without any data loss.
Outlier or Exceptional Cases Not Handled
• The system does not provide browser auto-fill or integration with external websites; it is a
standalone local vault only.
• BankShield does not support cloud sync, multi-device access, or server-based storage – all
data is stored locally on the user’s machine.
• There is no account recovery mechanism; if the master password is forgotten, the vault cannot
be decrypted and all stored data is permanently inaccessible.
• The system does not perform real-time breach detection (e.g., HaveIBeenPwned API
integration) to check if stored passwords appear in known data breaches.
• Multi-user access or role-based permissions are not supported; the vault is designed for a
single user per instance.
• The chatbot does not handle off-topic queries, and no natural language processing (NLP) or
AI-based response generation is included beyond the predefined logic.
Submitted as part of Academic Project Requirement • 2024–25