go-pwdstore

module

v0.0.0-...-b4c32ca Latest Latest Go to latest Published: Aug 29, 2021 License: MIT

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jeff-moorhead/go-pwdstore

Links

Open Source Insights

README ¶

go-pwdstore

This is a simple commandline password manager implemented in Go. It stores passwords as AES-256 encrypted values in a JSON file either at the default location of ~/.pwdmgr/store.json (currently untested on Windows), or at a location of the user's choosing by passing the --file option. The manager also stores the encryption key in a file at the default location of ~/.pwdmgr/store.key, or somewhere else by specifying the --key option.

The Elephant in the Room

This app was built as a side project to explore cryptography and how to use symmetric encryption in Go. IT HAS NOT BEEN TESTED AGAINST VULNERABILITIES AND SHOULD NOT BE USED TO STORE SENSITIVE INFORMATION. One obvious vulnerability is that it keeps the encryption key alongside the encrypted data. The manager writes data and key files with 600 permissions so only your user can access the files, but if anybody gains access to your computer and account information, your information will be vulnerable. Overall, there are much better commercial password managers available. Use those instead for any real data you need to keep secret.

Installation

To install, download the source code via Git:

$ git clone https://github.com/Jeff-Moorhead/go-pwdstore.git

Once you have the code downloaded locally, from the top of the repo, run:

$ make install-user

This will build the binary and install it in ~/bin, creating that directory if it doesn't exist. You may need to add ~/bin to your path with export PATH=$PATH:~/bin.

Usage

To initialize a new password manager, run go-pwdstore --init. From here, you can add, remove, change, and view passwords. To add a new password, use the --title and --password options. If --add, --remove, and --set are omitted, the default behavior is to display the decrypted password for the given title.

The order of priority for options is:

--init, execution stops after a new manager is initialized. This option will overwrite any existing data unless different data and key file locations are given via --file and --key.
--all, view all titles available, no passwords are displayed. Execution stops after displaying titles.
--add, requires --title and --password options.
--set, requires --title and --password options.
--remove, requires --title option.
No flag given: displays password, requires --title option.

Contributing and Issues

If you are interested in contributing to this project, have any questions about my implementation, or would like to report an issue, please email me at jeff.moorhead1@gmail.com.

Directories ¶

Path	Synopsis
app
cmd
encryption Credit	Credit
pwdstore

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL