Another way to manage passwords (password manager and 2FA authenticator)
About this app
With ANOTHERpass you don't need to create and remember a long and complex master password!
ANOTHERpass comes with a clever two factor authentication to unlock the vault. These factors are knowledge (a PIN chosen by you) and ownership (the generated master password as a physical token). Instead of remembering a long and complicated master password (or a too weak one!) you just remember the PIN and have your master password or token with you (as QR code or NFC tag). Additionally, for more convenience, you can safely store it on your device using biometrics (e.g. fingerprint).
ANOTHERpass generates easy but strong passwords for you. It uses so called Pseudo Phrases by default which look like real words but are still very random and unpredictable. Password strength comes with its length (16 - 32 characters)!
You can also access your credentials in the app from your laptop at home or work, if you use the ANOTHERpass Browser Extension.
Besides other features, like a powerful credential-search, grouping, import/export from and to several formats like Keepass and CSV, the app also works as a secure authenticator (2FA).
Core features of the app
- easy two factor authentication (PIN and master password as physical token or PIN and biometric for convenient Quick Access) - no weak or complicated master password to memorize, you only need to export it (on QR code or NFC tag) - easy to read but strong password generator (Pseudo Phrases with flexible length) - strong modern encryption, all fully configurable (AES 128/256, Blowfish 128/256, Chacha20, Argon2, PBKDF) - uses an integrated security chip or TEE (Trusted Execution Environment) if present - Autofill support - works with the ANOTHERpass Browser Extension to share credentials within a local network (e.g. from the app to the desktop PC) - fully offline, internet permission is only needed to provide Browser Extension support - 2FA support for one-time-passwords (HOTP and TOTP) - notification for expired credentials - no insecure clipboard function by default - option to display passwords over other apps to type them easily - (automatic) export and import the credential vault - export vault and master key separately (latter analogue if wished) - share and outsource credentials - obfuscate important passwords as additional security layer - optional self destruction after too many failed login attempts - supported languages: english, german, dutch, chinese - Dark theme support ;-)
For detailed information see anotherpass.jepfa.de
If you like the app please star it on Github!
Licensed under MIT, by Jens Pfahl.
What's New in v2.2.6
Imported from the F-Droid repository index.
- * fix #101 read corrupt autobackup vault files
- and save with truncation
Version history
Jun 27, 2026 · 13.7 MB · Android API 24–34 · code 202006
Imported from the F-Droid repository index.
- * fix #101 read corrupt autobackup vault files
- and save with truncation
SHA-256 1358e77a385ef6be33cb986bd0b754a4327635c82b17b8948519f86ca7a78bba
Dec 8, 2025 · 13.7 MB · Android API 24–34 · code 202005
Imported from the F-Droid repository index.
- * show abort indicator if credential multi-select is enabled
- * update crypto dependencies
- * make app build reproducible on F-Droid
SHA-256 13a05f825ac9aaea41bfe314df1f651bdd2d7fd2b65c5348e593e099693093cf
Sep 1, 2025 · 13.3 MB · Android API 24–34 · code 202004
Imported from the F-Droid repository index.
- * add PIN generator
- * align buttons at the bottom
- * make app build reproducible on F-Droid
SHA-256 7d6df001301d125e672ab9c0c2fdbb2e32963af73c9d9039cb13ffde795f3182
Will it run on your device?
87%
- Runs on a broad range of modern Android versions.
- Multiple CPU architectures are covered.
Installation Guide
Open Settings on your Android device
Go to Security → Unknown sources (or Install unknown apps)
Enable "Allow from this source" for your browser or file manager
Open the downloaded APK file from your Downloads folder
Tap "Install" and wait for installation to complete
Launch the app from your home screen
Make sure to re-enable Unknown Sources restrictions after installation for security.
How to install this safely
How to verify the file you downloaded
Before you install anything, confirm the file is the one described here. On a computer, run shasum -a 256 your-download.apk (macOS or Linux) or certutil -hashfile your-download.apk SHA256 (Windows), then compare the output character-for-character with the SHA-256 on this page. If a single character differs, the file is not the build we recorded — delete it.
What the signing certificate proves
Every Android app is signed with a private key that only its developer holds. The fingerprint on this page is a hash of the matching public certificate, and it proves continuity rather than identity: it tells you a build came from whoever signed the earlier ones. Android enforces this at install time — if a package claiming to be de.jepfa.yapm is signed with a different key, the system will refuse to install it over your existing copy. A fingerprint that changes between releases is worth pausing on, because a repackaged app that has been modified by someone else cannot keep the original signature.
How to roll back to an earlier version
If the current release misbehaves, 2.2.5 is the last build before it. Android will not install an older version code over a newer one, so you must uninstall ANOTHERpass first — which clears its local data unless you have a backup. Reinstall the older APK only if its signing fingerprint matches the build you already trust, and check the API range: an older release may target an Android version your device has moved past.
Why we list sources instead of hosting everything
The official store channel is almost always the right choice: it updates automatically and carries the publisher's own distribution guarantees. A direct APK is useful when a device has no store access, when a rollout has not reached your region, or when you need a specific version — and only when the publisher has authorized that copy. APKBrowse does not list pirated, cracked, or unauthorized rebuilds of ANOTHERpass, and a listing is removed when the evidence for it stops holding up.
Get ANOTHERpass
Every source we list for de.jepfa.yapm is legality-reviewed. Pirated or cracked builds are never offered.
Other sources
F-Droid listing
officialF-Droid builds this app from source and signs it. This is its official listing, with older builds and full release notes.
Source code
verified publisherThe upstream repository this build is compiled from.
We check legality and signature continuity, but device behaviour still varies. Install at your own discretion.
App Information
Security Verification
We record provenance; we do not run malware scans. Verify the hash yourself before installing.
SHA-256 Hash
1358e77a385ef6be33cb986bd0b754a4327635c82b17b8948519f86ca7a78bba
Signing certificate
cbb8712de9d3178a01257de63f271e6432b5b499297f2463b9d0c0c02894aa8a
Permissions Required
Previous Versions
The signing certificate fingerprint for this release is on record, so a build that does not match it did not come from this publisher.
Report a problem with this listing
A listing is only as good as its corrections. If a source is broken, a signature looks wrong, or this app should not be here, tell the moderation team.