{"id":24993087,"url":"https://github.com/jarmo/secrets","last_synced_at":"2025-07-13T06:32:54.118Z","repository":{"id":57505146,"uuid":"214983316","full_name":"jarmo/secrets","owner":"jarmo","description":"Not Yet Another Password Manager written in Go using libsodium","archived":false,"fork":false,"pushed_at":"2023-04-08T14:55:37.000Z","size":3224,"stargazers_count":29,"open_issues_count":0,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-12T02:13:47.390Z","etag":null,"topics":["encryption","golang","libsodium","password-manager","password-store","privacy","secrets","security-tools"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jarmo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-10-14T08:01:59.000Z","updated_at":"2024-08-09T05:46:24.000Z","dependencies_parsed_at":"2024-06-19T05:23:50.548Z","dependency_job_id":null,"html_url":"https://github.com/jarmo/secrets","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarmo%2Fsecrets","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarmo%2Fsecrets/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarmo%2Fsecrets/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jarmo%2Fsecrets/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jarmo","download_url":"https://codeload.github.com/jarmo/secrets/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248505925,"owners_count":21115354,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["encryption","golang","libsodium","password-manager","password-store","privacy","secrets","security-tools"],"created_at":"2025-02-04T13:59:24.625Z","updated_at":"2025-04-12T02:13:52.462Z","avatar_url":"https://github.com/jarmo.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# secrets\n\n**Secure** and simple passwords manager written in [Go](https://golang.org/). It aims to be *NYAPM* (Not Yet Another Password Manager), but tries to be different from others by following UNIX philosophy of doing only one thing and doing it well.\n\n## Features\n\n* stores your secrets encrypted at rest;\n* secrets can be anything from passwords, 2FA backup codes, diary entries to private keys;\n* does not leak count nor nature of your secrets;\n* uses an alternative easy to use secure cryptography provided by [libsodium](https://download.libsodium.org/doc/) and [Argon2id](https://www.cryptolux.org/images/0/0d/Argon2.pdf);\n* supports multiple vaults with different passwords;\n* has [CLI](https://github.com/jarmo/secrets-cli) and [Web](https://github.com/jarmo/secrets-web) interface pre-built binaries for macOS, Linux and Windows, but can be compiled for many other platforms too due to usage of underlying Go language;\n* may be used as an independent Go library.\n\n### Anti-Features\n\n* does not sync your secrets to any cloud - you have [complete control](https://palant.de/2019/03/18/should-you-be-concerned-about-lastpass-uploading-your-passwords-to-its-server/) over them;\n* does not allow to recover any passwords when vault password has been forgotten - there's no built-in backdoor;\n* does not [leak anything to 3rd parties](https://reports.exodus-privacy.eu.org/en/reports/165465/) - only you know about your secrets;\n* does not generate any passwords - use [proper tools](https://linux.die.net/man/1/pwgen) for that, but avoid [improper ones](http://seclists.org/oss-sec/2018/q1/11);\n* does not auto-fill any passwords anywhere (you [don't want](https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/) that anyway) - it's up to you how you will fill your passwords;\n* does not have any mobile apps nor browser plugins - less possible attack vectors;\n* does not [remove already existing features](https://discussions.agilebits.com/discussion/105305/standalone-local-vault-option-gone) - always possibility to create your own fork since it is an open-source software and will be like that.\n\n## Is it secure?\n\n**Yes**, as long as its underlying cryptography is not broken. However, there are no 100% secure systems and there's no way to guarantee that. All in all, I'd say that using this is more secure than using any SaaS as a password manager because everything is under your control. The most secure system is not a software itself, but it's how and where you use it.\n\n## Usage\n\nIt is possible to use secrets from [command line](https://github.com/jarmo/secrets-cli), as a [self-hosted web application](https://github.com/jarmo/secrets-web)\nor as a library.\n\n## Development\n\nRetrieve dependencies and run tests\n\n```\ngit clone https://github.com/jarmo/secrets.git\ncd secrets\nmake\n```\n\n## Background Story\n\nI've used [LastPass](https://www.lastpass.com/) and [mitro](http://www.mitro.co/) in the past to store my secrets, but didn't feel too secure with either of them due to security vulnerabilities and/or one of them being shut down. I've got enough of switching between different managers and decided to write my own. I did write a version of **secrets** in Ruby a few years ago, but decided to give Go a try due to its portability features and here's the result. I've also decided to use a cryptographic library called libsodium, which is secure and has an easy API for avoiding making stupid mistakes.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjarmo%2Fsecrets","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjarmo%2Fsecrets","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjarmo%2Fsecrets/lists"}