Not Yet Another Password Manager written in Go using libsodium

secrets

Secure and simple passwords manager written in Go. It aims to be NYAPM (Not Yet Another Password Manager), but tries to be different from others by following UNIX philosophy of doing only one thing and doing it well.

Features

  • stores your secrets encrypted at rest;
  • secrets can be anything from passwords, 2FA backup codes, diary entries to private keys;
  • does not leak count nor nature of your secrets;
  • uses an alternative easy to use secure cryptography provided by libsodium and Argon2id;
  • supports multiple vaults with different passwords;
  • has CLI and Web interface pre-built binaries for macOS, Linux and Windows, but can be compiled for many other platforms too due to usage of underlying Go language;
  • may be used as an independent Go library.

Anti-Features

  • does not sync your secrets to any cloud - you have complete control over them;
  • does not allow to recover any passwords when vault password has been forgotten - there's no built-in backdoor;
  • does not leak anything to 3rd parties - only you know about your secrets;
  • does not generate any passwords - use proper tools for that, but avoid improper ones;
  • does not auto-fill any passwords anywhere (you don't want that anyway) - it's up to you how you will fill your passwords;
  • does not have any mobile apps nor browser plugins - less possible attack vectors;
  • does not remove already existing features - always possibility to create your own fork since it is an open-source software and will be like that.

Is it secure?

Yes, as long as its underlying cryptography is not broken. However, there are no 100% secure systems and there's no way to guarantee that. All in all, I'd say that using this is more secure than using any SaaS as a password manager because everything is under your control. The most secure system is not a software itself, but it's how and where you use it.

Usage

It is possible to use secrets from command line, as a self-hosted web application or as a library.

Development

Retrieve dependencies and run tests

git clone https://github.com/jarmo/secrets.git
cd secrets
make

Background Story

I've used LastPass and mitro in the past to store my secrets, but didn't feel too secure with either of them due to security vulnerabilities and/or one of them being shut down. I've got enough of switching between different managers and decided to write my own. I did write a version of secrets in Ruby a few years ago, but decided to give Go a try due to its portability features and here's the result. I've also decided to use a cryptographic library called libsodium, which is secure and has an easy API for avoiding making stupid mistakes.

Owner
Jarmo Pertman
Jarmo Pertman
https://github.com/jarmo/secrets
Similar Resources

A light package for generating and comparing password hashing with argon2 in Go

argon2-hashing argon2-hashing provides a light wrapper around Go's argon2 package. Argon2 was the winner of the Password Hashing Competition that make

Sep 27, 2022

Argon2 password hashing package for go with constant time hash comparison

argon2pw Argon2 password hashing package with constant time hash comparison Preface: Argon2 was selected as the winner of the Password Hashing Competi

Sep 27, 2022

Validate the Strength of a Password in Go

Validate the Strength of a Password in Go

go-password-validator Simple password validator using raw entropy values. Hit the project with a star if you find it useful ⭐ Supported by Qvault This

Jan 6, 2023

:key: Idiotproof golang password validation library inspired by Python's passlib

passlib for go Python's passlib is quite an amazing library. I'm not sure there's a password library in existence with more thought put into it, or wi

Dec 30, 2022

A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

Oct 14, 2022

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptograp

Dec 10, 2022

Secure Remote Password library for Go

go-srp NOTE: This is a port of node-srp to Go. I recommend reading their README for general information about the use of SRP. Installation go get gith

Aug 8, 2022

lolcat in Go that's not broken Ruby that doesn't work with figlet

lolcat in Go Yeah, no one wants to install Ruby just to use lolcat in 2021. This one actually works with combined with future figlet font. (The other

May 15, 2021

its a simple backdoor service that im making cuz i think that it could be cool its not finished but this is a cool project

its a simple backdoor service that im making cuz i think that it could be cool its not finished but this is a cool project

yackdoor its a simple backdoor service that im making cuz i think that it could be cool its not finished but this is a cool project how it looks backd

Aug 18, 2022
Related tags
Security golang privacy encryption password-manager secrets libsodium password-store security-tools
password manager using age for encryption

page ====== password manager using age (https://age-encryption.org/) for encryption. encrypted secrets are files in the $PAGE_SECRETS/ directory that

May 30, 2022
Password manager written in golang
 Password manager written in golang

Go password manager Password manager written in golang. Dependencies: gpg golang

Dec 2, 2021
Yet another log4j vulnerability scanner

k-amon-k - Yet another log4j scanner Quick-n-Dirty installation Assuming you hav

Oct 12, 2022
A Go Module to interact with Passbolt, a Open source Password Manager for Teams

go-passbolt A Go Module to interact with Passbolt, a Open source Password Manager for Teams This Module tries to Support the Latest Passbolt Community

Oct 29, 2022
Simple password manager app in GO

Introduction This is my first project in Go, a password manager application. A humble attempt at execution of an idea I've had for some time now. The

Sep 13, 2022
A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase.

goSecretBoxPassword This is a Golang library for securing passwords it is based on the Dropbox method for password storage. The both passphrases are f

Jan 3, 2023
A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go 🔑

simple-scrypt simple-scrypt provides a convenience wrapper around Go's existing scrypt package that makes it easier to securely derive strong keys ("h

Dec 22, 2022
Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.
 Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.

pinentry-touchid Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain. Macbook Pro devic

Jan 1, 2023
Password generator written in Go

go-generate-password Password generator written in Go. Use as a library or as a CLI. Usage CLI go-generate-password can be used on the cli, just insta

Dec 19, 2022
Gtrace - Unofficial, simple yet effective Google Cloud Trace CLI tool

Unofficial, simple yet effective Google Cloud Trace CLI tool. Installation Homeb

Jan 4, 2023