A password manager built for the Terminal
Warning
OpenPasswd is still under development and currently in a pre-alpha phase. Do not use it in production.
curl -sSL https://raw.githubusercontent.com/r2unit/openpasswd/master/install.sh | bashThis will automatically download, build, and install OpenPasswd with shell completions.
Download the latest release for your platform from the releases page.
git clone https://github.com/r2unit/openpasswd.git
cd openpasswd
make install# Initialize configuration
openpasswd init
# Add a password
openpasswd add
# List passwords
openpasswd list
# Configure MFA
openpasswd settings set-totpopenpasswd init- Initialize configuration and databaseopenpasswd add- Add a new password entryopenpasswd list- List and search passwordsopenpasswd settings- Manage settings (passphrase, MFA, etc.)openpasswd version- Show version informationopenpasswd upgrade- Upgrade to the latest version
- Login Credentials - Username, password, URL, notes
- Credit Cards - Number, cardholder, expiry, CVV
- Secure Notes - Encrypted text notes
- Identity Information - Personal details
- Custom Fields - Additional encrypted key-value pairs
- Master Passphrase - Simple password protection
- TOTP (Time-based OTP) - Google Authenticator, Authy, etc.
- YubiKey - Hardware key authentication (coming soon)
Configure MFA:
openpasswd settings set-passphrase # Set master passphrase
openpasswd settings set-totp # Enable TOTP- AES-256-GCM encryption for all stored data
- Argon2id for key derivation
- BLAKE2b for integrity verification
- Local storage only - your data never leaves your device
- Zero-knowledge architecture - no cloud sync, no telemetry
For more details, see the Security Architecture (coming soon).
Contributions are welcome! Please follow these steps:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'feat: add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
Please ensure:
- All tests pass (
go test ./...) - Code is properly formatted (
go fmt ./...) - Linter checks pass (
golangci-lint run)
OpenPasswd is designed for developers and terminal enthusiasts who prefer:
- Command-line interface over GUI applications
- Local storage over cloud synchronization
- Full control over their security setup
- Open source transparency and auditability
- Zero dependencies on third-party services
While inspired by the Unix philosophy, OpenPasswd offers:
- Built-in encryption without requiring GPG
- Structured data with support for multiple password types
- Interactive TUI for better user experience
- Cross-platform support with consistent behavior
- Self-contained single binary with no external dependencies
OpenPasswd uses industry-standard cryptography:
- AES-256-GCM for encryption
- Argon2id for password hashing
- BLAKE2b for integrity checks
However, as the project is in pre-alpha, it has not undergone a formal security audit. Use at your own risk.
Currently, OpenPasswd is designed for local storage only. Cloud sync is not planned to maintain zero-knowledge architecture and maximum security.
MIT License - see LICENSE file for details.