Software-update: AliasVault 0.22.0

AliasVault is een privacy-first wachtwoord- en e-mailaliasmanager van Nederlandse bodem, waarmee voor iedere website een unieke identiteit en e-mailalias aan kan worden gemaakt. De software is opensource en volledig end-to-end versleuteld. Er kan van een publieke cloud gebruik worden gemaakt en het biedt ook de mogelijkheid om het volledig zelf te hosten via Docker. Clientsoftware is beschikbaar voor Android en iOS en er zijn extensies voor de gangbaarste webbrowsers. Het wordt door Leendert de Borst ontwikkeld, die ook hier op Tweakers actief is. Versies 0.22.0 is verschenen en de releasenotes daarvan zien er als volgt uit:

Expanded Multilanguage Support

AliasVault is now officially available in six languages across all platforms. In addition to English and Dutch, we're excited to welcome:

• German (Deutsch)
• Finnish (Suomi)
• Italian (Italiano)
• Simplified Chinese (简体中文)

This expansion is thanks to our amazing community contributors on Crowdin. The translations are available across the web app, browser extension, and mobile apps. Want to help make AliasVault available in your native language? Learn how here.

Enhanced Security Protections

Clickjacking Mitigations

We've implemented additional clickjacking protections in the browser extension to address recent security vulnerabilities affecting password managers. While AliasVault wasn't specifically targeted, we take security seriously and have added measures to detect new attack vectors and prevent autofill in suspicious situations.

Automatic Clipboard Clearing

Automatic clipboard clearing is now built into all platforms after copying sensitive values:

• Mobile apps (Android & iOS)
• Browser extension
• Web app

On Android, the mobile app also detects battery management restrictions to improve clipboard clearing reliability.

Improved Self-Hosting Experience

All-in-One Docker Image

By popular request, AliasVault is now available as an optional single all-in-one Docker image for easier NAS and self-hosting setups. While this version is experimental, all data remains fully compatible between the standard multi-docker setup and the new all-in-one image. Self-hosted users can switch freely between the two setups without data loss. Documentation and video tutorials for the all-in-one image will be available soon.

Enhanced Admin Panel

The admin panel now includes:

• Username change functionality for administrators
• Improved logging with non-warning entries
• Top users by credentials statistics
• Revised initialization flow for the all-in-one image

Enhanced Usability Features

Import/Export Improvements

• Dropbox Passwords importer added to credential import options
• KeePass CSV import now handles special characters correctly

Browser Extension Enhancements

• Auto-lock timeout options similar to mobile apps
• Email domain chooser for easier alias domain selection
• Improved autofill detection with shadow DOM support
• Settings subpages for better organization

Mobile App Improvements

• Email domain selector for better alias management
• Enhanced autofill on iOS
• Better error messages for self-hosted users

Technical Improvements

Client Enhancements

• Service URL validation removed to allow any value for more flexibility

Admin Panel Updates

• Improved logging and monitoring capabilities
• Enhanced user management features
• Updated UI styling for consistency

What's Coming Next

The next release will focus on updating the core data model to support additional credential types such as identities, credit cards, and more. It will also lay the groundwork for introducing passkey support.