secure interactive password manager with xchacha20poly1305, argon2id, and Go
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
filelock
img
pwgen replace entropy-mnemonics with pwgen Dec 22, 2017
repl
secureclip
vault
.travis.yml
Gopkg.lock
Gopkg.toml
LICENSE
README.md
build.sh
cmd.go
cmd_test.go
main.go
ui.go

README.md

masterkey

Go Report Card Build Status

masterkey

masterkey is a simple, secure password manager written in Go. It uses xchacha20poly1305 for authenticated encryption and argon2id for key derivation. It stores credentials given a location, where each credential is represented by a Username and a Password. Locations, Usernames, and Passwords are always encrypted using a argon2id key derived from the input passphrase. Unlike password-store and a few other password managers, an attacker with access to the encrypted database can not discern exactly how many passwords are stored, the labels (locations) for the passwords, or the usernames associated with the passwords.

Example Usage

Install masterkey either by downloading a release or using go get:

go get github.com/avahowell/masterkey

Now create your vault, in this example we'll create it at ./vault.db. New vaults are created using the -new flag, existing vaults can be opened by simplly omitting the -new flag.

Next, launch the terminal UI using masterkey vault.db, or use masterkey -repl vault.db to use the developer shell which has a bit more functionality.

Note that as with all password managers, your vault is only as secure as your master password. Use a strong, high entropy master password to protect your credentials.