All of these top comments remind me of the general adage that encryption and security are really hard, and if you think you know what you're doing you probably don't.
I don't want to be too harsh for a ShowHN, but even if the authors fixed the several bugs that have already been reported here, it's clear they don't have a foundational enough understanding of cryptography and security to be writing a password manager. I would suggest they spend more time understanding the basics first.
Also,
> The master password is not stored. An SHA256 salted hash is stored instead.
Have they heard of scrypt or argon2? And they're not using a KDF(!!!!!!) With sha256.
Dear Authors,if you ever read this,please look at: https://cryptopp.com/wiki/Key_Derivation_Function
And
https://cryptopp.com/wiki/RandomNumberGenerator