Simple and secure credential/password management with extra steps in Go!
Branch: master
Clone or download
Latest commit 2ae2e8c Jan 27, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
cipher updated cipher test Dec 25, 2018
cmd removed ssh exit error Jan 4, 2019
data bumped version Jan 4, 2019
img added demo gif Dec 25, 2018
management forced lowercase on site fields and tags Jan 4, 2019
utility changed folder structure Dec 25, 2018
.gitignore Implemented file decryption sucommand Dec 25, 2018 docs about file's site Jan 27, 2019
LICENSE initialized project. created commands. Dec 9, 2018 updated todo list Jan 27, 2019 updated build script Dec 25, 2018


A simple, powerful, cross-platform and military grade (marketing bs!) secure credential management.


  • Multiple local profiles
  • Stateless (doesn't keep passwords in memory for later use)
  • AES-CFB-256 and AES-CTR-256 with HMAC-SHA-256 authenticity and integrity check for profiles and files
  • Identical heavy Scrypt algorithm for hashing
  • Multiple fields per site/serivce
  • Auto generate password
  • Sync with custom server and user management
  • Cross platform
  • Easy usage
  • Only one encrypted file per profile that you can carry around!
  • Encrypt files
  • Restoring profile's password in case you manage to forget it!
  • Directly connect to ssh server using fields in given site (requires cygwin or a terminal emulator on windows)


You can download binary releases from here. Make sure you put the binary somewhere that's included in your PATH environment variable.

Or you can build from source by installing Go and then running:

$ go get -u
$ go build -o $GOPATH/bin/credman


Credman works on Linux, RPi, OSX and all Windows versions (BSD should work, but I'll never test since I don't have the environment). You can use it on your Android device if you have a terminal emulator (Termux is recomended). It requires 'xsel' or 'xclip' to be installed on Linux otherwise copy function will not work.

First you must create a profile to store your sites in:

$ credman profile add "profile name"

It will prompt you for password. Enter a secure one and hit enter.

If it's the first profile you create, it will be set as default profile. You can add as many profiles as you want. Commands that deal with sites require you to specify a profile name with '-p' option. If it's not specified, default profile will be used.

Next step is to add a site/service:

$ credman site add "site name" --field=email="my email" --field=username="my username" --password-generate


$ credman s a 'site name' -f=email='my email' -g

It will create a site inside default profile with email, username and an auto generated password. You can use -p="profile" to set a specific profile for site or omit to use default profile. Site's fields are optional data that you can add to store extra stuff for each site.

All credman configs and profiles will be created at user's home directory under .credman directory.

You can add/delete/rename/change password for each site and profile.

Check credman help or read docs for details on commands and encryption details


  • Implement local management
  • Pattern matching for site/profile names
  • Colorful output!
  • Move the functionality out of commands so other packages can use credman as a library
  • File encryption
  • Password restore
  • Site tags (for grouping)
  • SSH
  • WIP Saving encrypted files info as sites
  • Hide password field when getting site
  • Clear clipboard after a minute after copying a site's password to clipboard
  • Migration from older profiles
  • Auto update and update check
  • Profile backup and auto backup
  • Export to external disks/networks
  • Export to gist/paste service
  • Server sync
  • Desktop GUI frontend
  • Android app