gopass is a password manager for the command line written in Go. It works on all major desktop and server operating systems (Linux, MacOS, BSD, Windows).
For detailed usage and installation instructions please check out our documentation.
|Secure secret storage||stable||Securely storing encrypted secrets|
|Recipient management||beta||Easily manage multiple users of each store|
|Multiple stores||stable||Mount multiple stores in your root store, like file systems|
|password quality assistance||beta||Checks existing or new passwords for common flaws|
|password leak checker||integration||Perform offline checks against known leaked passwords|
|PAGER support||stable||Automatically invoke a pager on long output|
|JSON API||integration||Allow gopass to be used as a native extension for browser plugins|
|Automatic fuzzy search||stable||Automatically search for matching store entries if a literal entry was not found|
|gopass sync||stable||Easy to use syncing of remote repos and GPG keys|
|Desktop Notifications||stable||Display desktop notifications and completing long running operations|
|REPL||beta||Integrated Read-Eval-Print-Loop shell with autocompletion.|
|Extensions||Extend gopass with custom commands using our API|
Gopass is a versatile command line based password manager that is being developed with the following principles in mind:
- Easy: For technical users (i.e. those who are used to the command line) it should be easy to get started with gopass.
- Secure: Security is hard. We aim to make it as easy as possible while still providing a good level of protection against common adversaries. Caution: If your personal threat level is very high, we might not offer a good tool for you.
- Extensible: While Gopass includes a fair amount of useful features, we can't cover every use-case. To support more special use cases we want to provide a clean and simple API to integration gopass into your own binaries.
Please see docs/setup.md.
If you have Go 1.18 (or greater) installed:
go install github.com/gopasspw/gopass
WARNING: Please prefer releases, unless you want to contribute to the development of gopass. The master branch might not be very well tested and can contain breaking changes without further notice.
Either initialize a new git repository or clone an existing one.
New password store
$ gopass setup __ _ _ _ _ _ ___ ___ /'_ '\ /'_'\ ( '_'\ /'_' )/',__)/',__) ( (_) |( (_) )| (_) )( (_| |\__, \\__, \ '\__ |'\___/'| ,__/''\__,_)(____/(____/ ( )_) | | | \___/' (_) 🌟 Welcome to gopass! 🌟 Initializing a new password store ... 🌟 Configuring your password store ... 🎮 Please select a private key for encrypting secrets:  gpg - 0xFEEDBEEF - John Doe <firstname.lastname@example.org> Please enter the number of a key (0-12, [q]uit) (q to abort) : 0 ❓ Do you want to add a git remote? [y/N/q]: y Configuring the git remote ... Please enter the git remote for your shared store : email@example.com:john/passwords.git ✅ Configured
gopass setup will use
gpg encryption and
git storage by default.
Existing password store
$ gopass clone firstname.lastname@example.org:john/passwords.git __ _ _ _ _ _ ___ ___ /'_ '\ /'_'\ ( '_'\ /'_' )/',__)/',__) ( (_) |( (_) )| (_) )( (_| |\__, \\__, \ '\__ |'\___/'| ,__/''\__,_)(____/(____/ ( )_) | | | \___/' (_) 🌟 Welcome to gopass! 🌟 Cloning an existing password store from "email@example.com:john/passwords.git" ... ⚠ Cloning git repository "firstname.lastname@example.org:john/passwords.git" to "/home/john/.local/share/gopass/stores/root" ... ⚠ Configuring git repository ... 🎩 Gathering information for the git repository ... 🚶 What is your name? [John Doe]: 📧 What is your email? [email@example.com]: Your password store is ready to use! Have a look around: `gopass list`
To use the self-updater run:
or to upgrade with Go installed, run:
go install github.com/gopasspw/gopass@latest
Otherwise, use the setup docs mentioned in the installation section to reinstall the latest version.
This project uses GitHub Flow. In other words, create feature branches from master, open an PR against master, and rebase onto master if necessary.
We aim for compatibility with the latest stable Go Release only.
While this project is maintained by volunteers in their free time we aim to triage issues weekly and release a new version at least every quarter.
Credit & License
gopass is licensed under the terms of the MIT license. You can find the complete text in
Please refer to the Git commit log for a complete list of contributors.
gopass is developed in the open. Here are some of the channels we use to communicate and contribute:
- Issue tracker: Use the GitHub issue tracker to file bugs and feature requests.
- gopassbridge: Browser plugin for Firefox, Chrome and other Chromium based browsers
- gopass-ui: Graphical user interface for gopass
- kubectl gopass: Kubernetes / kubectl plugin to support reading and writing secrets directly from/to gopass.
- gopass alfred: Alfred workflow to use gopass from the Alfred Mac launcher
- git-credential-gopass: Integrate gopass as an git-credential helper
- gopass-hibp: haveibeenpwned.com leak checker
- gopass-jsonapi: native messaging for browser plugins, e.g. gopassbridge
- gopass-summon-prover: gopass as a summon provider
terraform-provider-gopass: a Terraform provider to interact with gopass
- chezmoi: dotfile manager with gopass support
- tessen: autotype and copy gopass data on wayland compositors on Linux
- pass - The inspiration for this project, by Jason A. Donenfeld.
gopassis a drop-in replacement for
passand can be used interchangeably (mostly!).
- passage - passage is a fork of password-store that uses
age as a backend instead of GnuPG.
gopasshas some amount of support for
passagebut can not be used fully interchangeably as of today. This might change in the future.
We welcome any contributions. Please see the CONTRIBUTING.md file for instructions on how to submit changes.