If you discover a security vulnerability in NovaPass, please report it by emailing hi@ruslanpashkov.com. Please do not create public GitHub issues for security vulnerabilities.

• All password generation is performed locally in your browser
• No passwords are stored on remote servers
• No data is transmitted outside your device
• All stored data is encrypted using browser's built-in storage encryption
• Regular security updates and dependency maintenance

We provide security updates for the latest version of NovaPass. Please ensure you're using the most recent version.