Simple password manager app in GO

Introduction

This is my first project in Go, a password manager application. A humble attempt at execution of an idea I've had for some time now. The application can save, view and edit credentials. You can add multiple credentials for a single website. A simplistic textual interface is used to get things done.

How Does It Work

When you first start the application you are prompted to make a master password. The app has four main functions:

  1. Adding credentials to the database
  2. Displaying saved credentials for a particular website
  3. Modifying saved credentials
  4. Deleting saved credentials

Security

The master password the user creates is hashed and kept in a file in the same directory as the app. The user is prompted to enter the it when they open the application each time and their entered text is compared to the saved hash of the password. If the plaintext matches, the user is let through.

The credentials are kept in a table. The password is encrypted with the AES encryption method using an encryption key of length of 32 characters, these encrypted bytes are then converted to base64 string and saved in the database. The AES encryption key is set by the user in the .env file. It is also used when decrypting the password each time to display to the user.

Setup

We will be using PostgreSQL for the database so please ensure that you have it installed before proceeding.

You need to set an "ENC_KEY" variable inside a .env file that acts as the encryption key and will be used in encryption and decryption of passwords. A sample .env.example file is included. Please remember that the ENC_KEY must be 32 characters long. While making the .env file, also set the other environment variables needed for connecting to the database. If you decide that you do not want the databases' name to be "passwords", change it to the name of your choice opposite the "DB_NAME" variable.

Once done with the .env file, go ahead and create a database for the application. The table will be created automatically once you make a master password.

Finally, open your terminal and use the command in the project directory: go run main.go

TODO

  1. Perhaps implement copying the password to the users' clipboard instead of just displaying it.
  2. Improve the way authentication is handled.
Owner
Dhruv
Dhruv
https://github.com/good-times-ahead/Password-Manager-GO
Similar Resources

A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase.

goSecretBoxPassword This is a Golang library for securing passwords it is based on the Dropbox method for password storage. The both passphrases are f

Jan 3, 2023

:key: Idiotproof golang password validation library inspired by Python's passlib

passlib for go Python's passlib is quite an amazing library. I'm not sure there's a password library in existence with more thought put into it, or wi

Dec 30, 2022

A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go 🔑

simple-scrypt simple-scrypt provides a convenience wrapper around Go's existing scrypt package that makes it easier to securely derive strong keys ("h

Dec 22, 2022

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptograp

Dec 10, 2022

Secure Remote Password library for Go

go-srp NOTE: This is a port of node-srp to Go. I recommend reading their README for general information about the use of SRP. Installation go get gith

Aug 8, 2022

Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.

Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.

pinentry-touchid Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain. Macbook Pro devic

Jan 1, 2023

ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file.

ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file.

ZipExec ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded i

Dec 31, 2022

GoLang script that checks for password leaks by sending email address to the BreachDirectory API

GoLang script that checks for password leaks by sending email address to the BreachDirectory API

GoLang script that checks for password leaks by sending email address to the BreachDirectory API

Feb 17, 2022

User enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on Linkedin

User enumeration and password bruteforce on Azure, ADFS, OWA, O365 and gather emails on Linkedin

goEnumBruteSpray Description Summary The recommended module is o365 for user enumeration and passwords bruteforce / spray . Additional information can

Dec 25, 2022
Related tags
Security Password-Manager-GO
Not Yet Another Password Manager written in Go using libsodium

secrets Secure and simple passwords manager written in Go. It aims to be NYAPM (Not Yet Another Password Manager), but tries to be different from othe

May 30, 2022
password manager using age for encryption

page ====== password manager using age (https://age-encryption.org/) for encryption. encrypted secrets are files in the $PAGE_SECRETS/ directory that

May 30, 2022
A Go Module to interact with Passbolt, a Open source Password Manager for Teams

go-passbolt A Go Module to interact with Passbolt, a Open source Password Manager for Teams This Module tries to Support the Latest Passbolt Community

Oct 29, 2022
Password manager written in golang
 Password manager written in golang

Go password manager Password manager written in golang. Dependencies: gpg golang

Dec 2, 2021
A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.
 A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

Oct 14, 2022
High-Performance Shortlink ( Short URL ) app creator in Golang. For privacy reasons, you may prefer to host your own short URL app and this is the one to use.
 High-Performance Shortlink ( Short URL ) app creator in Golang. For privacy reasons, you may prefer to host your own short URL app and this is the one to use.

About The Project Shortlink App in Golang Multiple Node based Architecture to create and scale at ease Highly performant key-value storage system Cent

Jan 3, 2023
A light package for generating and comparing password hashing with argon2 in Go

argon2-hashing argon2-hashing provides a light wrapper around Go's argon2 package. Argon2 was the winner of the Password Hashing Competition that make

Sep 27, 2022
Argon2 password hashing package for go with constant time hash comparison

argon2pw Argon2 password hashing package with constant time hash comparison Preface: Argon2 was selected as the winner of the Password Hashing Competi

Sep 27, 2022
Password generator written in Go

go-generate-password Password generator written in Go. Use as a library or as a CLI. Usage CLI go-generate-password can be used on the cli, just insta

Dec 19, 2022
Validate the Strength of a Password in Go
 Validate the Strength of a Password in Go

go-password-validator Simple password validator using raw entropy values. Hit the project with a star if you find it useful ⭐ Supported by Qvault This

Jan 6, 2023