Vaultless password manager in Go that derives passwords from a master password and realm string
- Stars2.4k
- Forks107
- Open Issues7
BSD-3-Clause
- Go
About gokey
gokey is a password manager that does not use a password vault. It derives a password on the fly from a master password and a supplied realm string such as a resource URL, so you do not need to store, back up, or sync a vault.
It can generate passwords and keys from the same inputs. A seed file can be created with 256 bytes of random data, encrypted with AES-256-GCM and the master password, and then used to generate derived outputs such as an EC-256 private key for a realm.
gokey is a Go project with a command line install path through go install. It is stateless in normal use, but it still depends on the master password and any seed file you create, since losing either means losing the derived passwords and keys.
Key features
- Derives passwords from a master password and realm string
- No password vault to store, back up, or sync
- Creates encrypted seed files with 256 bytes of random data
- Generates derived keys such as EC-256 private keys
- Command line use through go install
Details
- First released
- 2016
- Platforms
- CLI
- Storage
- Vaultless; optional seed file
- Encryption
- AES-256-GCM
- Input
- Master password + realm string
- Language
- Go