# SIMPLE VAULT - MULTI-USER PASSWORD MANAGER
SimpleVault is a web-based tool that allows you to manage passwords
or other secret information in a safe way. All secret information is
encrypted using strong encryption algorithms. SimpleVault is particularly
useful if you want to share secret information within a working group
with trusted members.
This fork adds the following features and improvements the original simplevault 1.9:
* added support for multi-user environments with additional environments using webservers basic authentication.
* Added the "nice theme": https://github.com/AndresBott/simplevault-nice-theme ( background based on http://subtlepatterns.com/black-leather/ )
The original simplevault resides on https://github.com/ckujau/simplevault
The project is available under the terms of the GNU Public License v3 (GPL3).
For bug reports or feature requests please visit [our bugtracker](https://tracker.codewolke.net).
* webserver with htaccess-support
* PHP5 or newer with the mcrypt library
1) Download and unpack the SimpleVault package to the directory <install-dir>.
By default, **/var/lib/simplevault/simplevault.txt** is used as the vault file
where all encrypted and unencrypted data is stored. This file should be
readable and writeable by the web server.
NOTE: You must create the folder **/var/lib/simplevault**, and assign it permissions
so that your web server can read and write to that folder. If you are using
shared hosting and don't have direct access to the web server, you can change
the location of the vault file to "vault/simplevault.txt". Ensure that this
folder is not accessible from the internet!!
2) Several configuration options, including the path to the vault file, can
be overridden by editing svconfig.php. By default this file does not exist
but a sample configuration file exists in svconfig.php-dist.
3) That's it. Go to <your-host>/<install-dir>/index.php and start creating
## SECURITY CONSIDERATIONS
1) Always use a strong passphrase.
2) Do **not** use simplevault on unencrypted connections.
2) Ensure that your vault file is **not** accessible from the internet. If you
are installing simplevault on your own server, put the simplevault.txt file
in /var/lib/simplevault so that it is not accessible on the internet. If
you are using shared hosting, make sure the "vault" subdirectory is not
accessible from the internet by using .htaccess files, or by making the
directory private or password protected using your web host's control panel.
(c) Rolf Brugger, Oct 2007 & Rene Wagner, Oct 2017