Works on Chrome, Edge, Brave, Firefox, and Safari
The TheCode Browser Extension automatically generates secure, unique passwords for every website using:
- the website domain, and
- your secret key (session key)
With TheCode, you never store passwords and never need to remember them.
Just enter the same secret key again, and the extension will regenerate the exact same password for each website.
➡️ One key to unlock secure passwords everywhere.
➡️ No storage, no sync, no risk.
- 🔍 Detects password fields on any website
- ⚡ Suggests a deterministic password generated from your session key + domain
- 🔒 Never stores generated passwords
- 💾 Your session key is kept only in memory while the service worker is active
- 🌍 Works across Chrome, Edge, Brave, Firefox, and Safari
- 🧪 Password generation algorithm is fully unit-tested
- 🧂 Optional local storage of a non-secret salt per site to allow consistent derivations after browser restarts
Your session key is neither transmitted nor persisted. All generation is performed locally within the browser.
- You open the extension popup
- You enter your session key
- The background service worker holds the derived key in memory only
- When you visit a site, the extension:
- detects password fields
- identifies the domain
- generates a deterministic password
- injects it into the form field
If the service worker is restarted (MV3 behavior), the session key is lost and must be re-entered.
You can download TheCode from the official browser extension stores:
Download the extension archive from the Releases page.
- Download and unzip the extension archive
- Open:
chrome://extensions- or
edge://extensions
- Enable Developer mode
- Click Load unpacked
- Select the extension folder (thecode-extension)
- Open the extension icon and enter your session key
- Download and unzip the extension archive
- Copy the
safari-firefoxmanifest into themanifest.json - Open:
about:debugging#/runtime/this-firefox - Click Load Temporary Add-on
- Select
manifest.json - Open the extension icon and enter your session key
- Download and unzip the extension archive
- Copy the
safari-firefoxmanifest into themanifest.json - Enable Developer Mode in Safari
- Go to:
Safari > Settings > Developer - Click Add Extension…
- Select the extension folder
- Open the extension and enter your session key
- Your session key is not stored, not logged, and not synced
- A derived version of the key is kept only in memory by the MV3 service worker
- Generated passwords are never saved — only inserted into the active field
- If the service worker shuts down (normal MV3 behavior), the key must be re-entered
The password generation algorithm and supporting logic are covered by unit tests to ensure deterministic, correct behavior.
- Chrome/Edge/Brave use the default manifest (or
chrome-brave-edge) - Firefox & Safari require the
safari-firefoxmanifest - Safari builds must be packaged through Xcode
- MV3 service workers may stop/restart at any moment — session key persistence is intentionally avoided for security
Contributions are welcome! Bug fixes, browser improvements, UI changes, and manifest updates are all appreciated. Please open an issue or submit a pull request.
Distributed under the Apache License.