# 03-third-parties — Password Manager Tab

This tab implements a web-based lightweight password manager for teams.
It allows you to save, view, and manage passwords and related info for third-party accounts/services in a secure file.

## Features

- **Store**: Save site/service, username, password, OTP secret, and card details for each entry.
- **Password Generation**: Generate strong random passwords.
- **Copy to Clipboard**: Instantly copy any password to clipboard with one click (no password is exposed/revealed by default).
- **OTP Code Preview**: If an OTP secret is stored, the current code is shown next to the entry.
- **Edit Protections**: All form submissions use POST and require confirmation before deleting an entry.
- **Encrypted Storage**: All credentials are saved in an encrypted JSON file (`passwords.json.enc`).

## File Overview

- `01_constants.php` — Defines file paths and any constants for this tab.
- `02_supportFuncs.php` — Helper functions for managing and encrypting credentials, generating OTPs, etc.
- `03_handler.php` — Logic for processing form submissions and updating the password list.
- `04_nav-item.html.php` — Generates the navigation item for this password manager tab.
- `05_content.html.php` — Main UI and form rendering for password management, entry listing, and actions.
- `06_modals.html.php` — (Not used / empty or for modal dialogs).
- `07_javascript.js` — Handles client-side UX, e.g. copying passwords to clipboard.
- `passwords.json.enc` — The encrypted vault file storing all team credentials.

## Usage

1. Navigate to the "Password Manager" tab in the interface.
2. Add new credentials with their site, username, password, OTP, card details, etc.
3. Use the 📋 button next to any password to copy it to your clipboard.
4. To delete an entry, click the red ✖ button and confirm.

## Security Notes

- All credentials are stored only on the server, encrypted at rest.
- Passwords are shown as dots by default; they can only be copied (not revealed) for safety.
- Use secure team practices with this tool and limit exposure of your admin interface.

## Customizing

- To change storage or encryption, update `02_supportFuncs.php` and references to `passwords.json.enc`.
- UI layout can be modified in `05_content.html.php`.
- Client logic (like clipboard copying) is in `07_javascript.js`.

---
This tab is intended for lightweight, shared team secrets/password management. For high-security requirements, use a dedicated enterprise password vault solution.