Abstract:
Text-based passwords have dominated online user authentication for decades and have been constantly targeted by harvesting and phishing attacks. Password managers have become one of the most popular methods for helping users securely manage their online passwords. However, existing password managers are often assumed to be used on trusted devices. To help with automatic sign-in on untrusted computers for kiosk browsing, we propose CamPass, a secure camera-based password manager. It has three components: an application on a user’s trusted mobile device, a browser extension for online sign-in on an untrusted computer, and a trusted key distribution center for the secure exchange of encryption keys. CamPass transmits credentials via QR codes from the mobile device to the browser extension for filling out login forms, and exchanges encryption keys among its three components on the network. CamPass is resistant to man-in-the-middle, eavesdropping, message forgery, and replay attacks. It also protects users from keyloggers and phishing attacks. CamPass is a rational design to make web users’ online experiences more convenient and secure.
Published in: 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Date of Conference: 01-03 November 2023
Date Added to IEEE Xplore: 29 May 2024