A source code is not supplied for the exact same reasons.
I have no problem with someone checking the truth behind my words by checking connections to the internet through fiddler 4 or any other packets listening software, You can scan your computer for changes in files by creating a sandbox and check if it saves your passwords somewhere, which i assure you it doesn't.
While there are some sites that need special chars for them, I don't know of many yet that do,
There will be an additional version of this program released soonish with more complex passwords.
If I had supplied the code behind this, people would use that code to build an easy to use hacking tool, while decryption of an EXE is possible, by what I know, decryption of this EXE isn't easy (while still possible)
I'd rather people will wonder what algorythm i used so it won't be easy to hack into people's passwords.
I do understand your stand point and I shall rethink mine but, for now, the base code shall remain hidden.