Geslar
Your passwords deserve
better protection
Free password manager with military-grade encryption.
You choose where your data lives — Geslar never sends it without your knowledge.
Why Geslar?
01
You control where your data lives
With most password managers you must use their cloud from day one. Geslar works locally — your passwords live on your device, no mandatory registration and no data sent to anyone. If you ever want sync, it will be your choice.
02
Stronger encryption than the competition
Geslar uses AES-256-GCM — encryption with built-in integrity verification. Bitwarden and LastPass still use the older CBC mode which lacks this. If someone changes even one bit of your data — Geslar detects it.
03
Free — no hidden costs
TOTP keys, Škrinjar health check, secure password sharing — all free. Bitwarden charges $10/yr for TOTP, Dashlane and 1Password charge $3–5/mo, and LastPass limits the free plan to one device. Geslar doesn't put security features behind a paywall.
All features — all free
Everything you need from a password manager. No subscription, no limits, no hidden costs.
Unlimited passwords
Passwords, credentials, URLs and notes — as many as you need. No limits.
Credit cards
Save cards and auto-fill payment details on checkout pages — securely and quickly.
TOTP 2FA keys
Built-in authenticator with QR code scanning and live countdown. A complete replacement for Google Authenticator.
Smart auto-fill
Detects login and payment forms, multi-step login (Google, Microsoft) and modern SPA applications.
Auto-save
When you enter a new password or card, Škrinjar offers to save it. No manual entry.
Secure Send
Send a password or message via encrypted link — with expiry, PIN protection and view limit.
Croatian phrase generator
The only one in the world — phrases from 5,700+ Croatian words, 8 dialects and metaphors. Easy to remember, cryptographically strong.
Import from 12 sources
Migrate from Bitwarden, Chrome, Firefox, LastPass, 1Password, KeePass and more — in 30 seconds.
Password history
The last 5 versions of each password are kept. Changed a password and forgot the old one? It's there.
Folders and favorites
Organize records in folders. Mark the most important as favorites for one-click access.
Export and backup
Export to encrypted Geslar format, Bitwarden JSON or CSV. Your data, your control, always.
Dark and light theme
Follows system theme automatically or choose manually. Keyboard shortcuts, WCAG AA accessibility.
How it works
1
Install the extension
Add Geslar to your browser with one click — no registration, no email.
2
Set a master key
Set your master password once. It stays only in RAM — never on disk.
3
Save and auto-fill
Geslar remembers passwords and auto-fills them — with one click or a shortcut.
Ready to start?
Install Škrinjar in 30 seconds and start saving passwords locally, with zero-knowledge encryption.
How we protect you
AES-256-GCM
Encryption with integrity verification — an attacker cannot invisibly modify data
600.000×
Key derivation iterations — even the fastest computer needs years to guess
Local
Your data goes nowhere without your explicit consent
Your master password is never stored anywhere. Geslar uses a zero-knowledge architecture: even when we add sync one day, the server will never be able to read your data. Only you have the key.
Every Škrinjar is unique
Every operation uses its own random salt. Even with an identical password, two Škrinjars generate completely different keys. Cracking one doesn't help with the other.
Key only in working memory
The session key lives exclusively in browser RAM — never written to disk. When you close the browser or the timeout expires, the key disappears forever.
Invisible to websites
Auto-fill uses a closed Shadow DOM with randomized element names. A malicious page cannot detect Geslar, read your data or manipulate the fill.
Auto-lock
Škrinjar locks after inactivity. When locked, the key is cleared from memory — even if someone accesses your computer, without the master password they can't do anything.
Breach check — private
Check if your password is in known data breaches. Geslar sends only 5 hash characters (k-Anonymity) — your password literally never leaves the device.
Comparison with competitors
What you get for free in Geslar, but need to pay for or can't get elsewhere.
Feature
Geslar
Bitwarden
1Password
Proton Pass
Unlimited passwords
✓
✓
✗ trial
✓
Encryption
AES-256-GCM
AES-256-CBC
AES-256-GCM
AES-256-GCM
PBKDF2 iterations
600.000
600.000
650.000
—
Credit cards (free)
✓
✓
✗
✓
TOTP 2FA keys (free)
✓
✗ premium
✗
✓
Škrinjar health check
✓
✗ premium
✗
✗
Croatian phrase generator
✓
✗
✗
✗
Secure password sharing
✓
✗ premium
✗
✗
SPA login detection
✓
✗
✓
✗
Import from 12+ sources
✓
✓
✓
partial
Works without registration
✓
✗
✗
✗
Local
✓
✗ cloud required
✗ cloud required
✗ cloud required
3 features competitors charge for — TOTP keys, Škrinjar health check and secure password sharing — are completely free in Geslar. No registration, no credit card.
Geslar approach
- Local — cloud is never mandatory
- Zero-knowledge: server can't read your data, not today not ever
- GCM encryption with data integrity verification
- Invisible overlay — pages can't detect the password manager
- No registration, no email — use immediately
With competitors
- Cloud mandatory from day one — can't even start without registration
- Bitwarden and LastPass use CBC mode without data integrity verification
- Most PMs use an unprotected overlay that pages can read
- Free tier often limited to 1 device or 50 passwords
Part of the Geslar ecosystem
Geslar Generator
Free secure password and phrase generator from real Croatian words. Works in browser, no installation.
Try the generator →
Geslar Ključar
Free TOTP authenticator for 2FA codes. AES-256-GCM encryption, biometrics, import from 7 sources. Android and iOS.
Download Ključar →
Future plan: When cloud sync becomes available, Ključar and Škrinjar will be able to share TOTP keys — browser autofill automatically fills 2FA codes without opening your phone.
Take control of your passwords
Military-grade encryption, local, free without limits.