{"id":36444518,"url":"https://github.com/passw0rd/cli","last_synced_at":"2026-01-11T22:03:14.053Z","repository":{"id":64304156,"uuid":"153054850","full_name":"passw0rd/cli","owner":"passw0rd","description":"Passw0rd's CLI tool for communicating with API of the Password-Hardened Encryption (PHE) Service. https://passw0rd.io/ ","archived":false,"fork":false,"pushed_at":"2019-01-21T15:18:12.000Z","size":129,"stargazers_count":8,"open_issues_count":0,"forks_count":1,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-06-20T15:55:53.640Z","etag":null,"topics":["cli","cryptography","encryption","passw0rd","password","password-hardened-encryption","phe"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/passw0rd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-10-15T04:51:42.000Z","updated_at":"2024-06-20T15:55:53.641Z","dependencies_parsed_at":"2023-01-15T10:15:20.013Z","dependency_job_id":null,"html_url":"https://github.com/passw0rd/cli","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/passw0rd/cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passw0rd%2Fcli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passw0rd%2Fcli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passw0rd%2Fcli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passw0rd%2Fcli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/passw0rd","download_url":"https://codeload.github.com/passw0rd/cli/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/passw0rd%2Fcli/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28324845,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-11T18:42:50.174Z","status":"ssl_error","status_checked_at":"2026-01-11T18:39:13.842Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","cryptography","encryption","passw0rd","password","password-hardened-encryption","phe"],"created_at":"2026-01-11T22:03:13.962Z","updated_at":"2026-01-11T22:03:14.033Z","avatar_url":"https://github.com/passw0rd.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Passw0rd CLI\n\n[![Production](https://travis-ci.org/passw0rd/cli.svg?branch=master)](https://travis-ci.org/passw0rd/cli)\n[![GitHub license](https://img.shields.io/badge/license-BSD%203--Clause-blue.svg)](https://github.com/VirgilSecurity/virgil/blob/master/LICENSE)\n\n\u003ca href=\"https://passw0rd.io/\"\u003e\u003cimg width=\"260px\" src=\"https://cdn.virgilsecurity.com/assets/images/github/logos/passw0rd.png\" align=\"left\" hspace=\"0\" vspace=\"0\"\u003e\u003c/a\u003e[Virgil Security](https://virgilsecurity.com) introduces to developers a **Passw0rd CLI** – an open source tool that provides commands for interacting with the [Passw0rd Service](https://passw0rd.io/). With minimal configuration, you can start using all of the functionality provided by the Passw0rd from your favorite terminal program.\n- **Linux shells** – Use common shell programs such as Bash, Zsh, and tsch to run commands in Linux, macOS, or Unix.\n- **Windows command line** – On Microsoft Windows, run commands in either PowerShell or the Windows Command Processor.\n\n## Content\n- [Installation](#installation)\n- [Launching CLI](#launching-cli)\n- [Features](#features)\n- [Register your account and set up 2FA](#register-your-account-and-set-up-2FA)\n- [Commands usage](#commands-usage)\n  - [Log in the account](#log-in-the-account)\n  - [Log out the account](#log-out-the-account)\n  - [Create a new application](#create-a-new-application)\n  - [Get application list](#get-application-list)\n  - [Get an update token](#get-an-update-token)\n  - [Fetch an update token](#fetch-an-update-token)\n  - [Delete an update token](#delete-an-update-token)\n  - [Update keys](#update-keys)\n  - [Generate a secret key](#generate-a-secret-key)\n- [Passw0rd Demo](#passw0rd-demo)\n  - [Enroll user record](#enroll-user-record)\n  - [Verify user record](#verify-user-record)\n  - [Rotate user record](#rotate-user-record)\n- [License](#license)\n- [Support](#support)\n\n## Installation\nThe passw0rd CLI is provided as a binary file, and it is available for Mac OS, FreeBSD,  Linux OS and Windows OS. Download the latest CLI package here: https://github.com/passw0rd/cli/releases.\n\n\n## Launching CLI\n\n#### FreeBSD / Linux / Mac OS\nRun the passw0rd CLI with the following command:\n```bash\n./passw0rd\n```\n\u003e or use `sudo ./passw0rd` when you need to run the command as an administrator\n\n#### Windows OS\nRun the passw0rd CLI with the following command:\n```bash\npassw0rd.exe\n# or just `passw0rd`\n```\n\n## Features\nUsing the passw0rd CLI you can:\n  * register and manage your **FREE** passw0rd account\n  * register and manage your passw0rd application\n  * get your passw0rd application credentials, such as: Application Token, Service Public Key, Application Secret Key\n  * try a passw0rd Demo\n\nTo get more information, run the passw0rd CLI or its command with the `--help` or `-h` option that displays full help list and available commands.\n\n\n## Register your account and set up 2FA\n\n**First**, register your account with the following command:\n```bash\n./passw0rd account register my@email.com\n```\nYou have to confirm your account by entering a confirmation code you got in the email and create your account password.\n\n\u003e !!! Once you've confirmed your account and created an account password, the passw0rd CLI immediately asks you to set up two-factor authentication and to create a new passw0rd App (with a default application name) and an `app_secret_Key`. Accept the offer to get all the necessary credentials (app_token, service_public_key, app_secret_key) to start working with passw0rd service.\n\n**Second**, set up two-factor authentication (2FA):\n- Copy a QR link that you got in a passw0rd CLI\n- Open the QR link in a browser or some application\n- Scan the QR using your 2FA application\n- Enter a 2FA code into a passw0rd CLI\n\n\u003e To set up 2FA you have to use an application that generates secure 2 step verification tokens on your device. For example, you can download and install [Google Authenticator](https://support.google.com/accounts/answer/1066447?co=GENIE.Platform%3DAndroid\u0026hl=en) or [Authy](https://authy.com/download/).  \n\nAs a result, you get your passw0rd's application credentials:\n- application `name`\n- application `app_token`\n- server `service_public_key`\n- client `app_secret_key`\n\n## Commands usage\n\nThe passw0rd CLI has the following usage syntax:\n`passw0rd [global options] command [command options] [arguments...]`\n\nThe examples below are given for the FreeBSD/Linux/Mac OS platforms.\n\n### Log in the account\nTo log into your prefer account use the following command structure:\n```bash\n./passw0rd login my@email.com\n```\n\n### Log out the account\nTo log out the account use the following command structure:\n```bash\n./passw0rd logout my@email.com\n```\n\n### Create a new application\nTo create a new passw0rd application:\n- be sure you're logged in your account. To log in the account use the following command (2FA is required):\n\n```bash\n./passw0rd login my@email.com\n```\n- then, use the `create` command:\n```bash\n./passw0rd application create my_new_passw0rd_app\n```\n\nwhere:\n- my_new_passw0rd_app - is the name of your new passw0rd application.\n\n### Get application list\nTo show all your registered applications use the following command:\n```bash\n./passw0rd application list\n```\n\n### Get an update token\nAn update token is used to update a user's passw0rd record in your database and to get a new `app_secret_key` and `service_public_key` of a specific application.\n\nTo get an update token:\n- be sure you're logged in your account. To log in the account use the following command (2FA is required):\n\n```bash\n./passw0rd login my@email.com\n```\n\n- then, use the `rotate` command;\n\n```bash\n./passw0rd application rotate \u003capp_token\u003e\n```\n\nwhere:\n- \u003capp_token\u003e - is your application token.\n\nas a result, you get your `update_token`.\n\n### Fetch an update token\nIn case you forgot your `update_token` you can fetch the latest one from the Passw0rd service using the following command:\n\n```bash\n./passw0rd application fetch-update-token \u003capp_token\u003e\n```\n\n### Delete an update token\nDelete the latest `update_token` available for current application:\n\n```bash\n./passw0rd application delete-update-token \u003capp_token\u003e\n```\n\n### Update keys\nThis command is used to update the `app_secret_key` and `service_public_key` of a specific application\n\n```bash\n./passw0rd application update-keys \u003cservice_public_key\u003e \u003capp_secret_key\u003e \u003cupdate_token\u003e\n```\n\n### Generate a secret key\nThis command is used to generate a new `app_secret_key`:\n```bash\n./passw0rd keygen\n```\n\n## Passw0rd Demo\nPassw0rd CLI provides you with a Demo mode that allows you to try out passw0rd technologies and see how the functions work without setting up a passw0rd SDK.\n\nTo start working with a passw0rd Demo you need to have a registed passw0rd account and created application.\n\n#### Enroll user record\nThe demo command allows you to create user's record:\n\n```bash\n./passw0rd --config passw0rd.yaml demo enroll user_password\n```\nwhere:\n- passw0rd.yaml - a config file that contains your account credentials: app_token, service_public_key, app_secret_key. This file is not created by default. So, create passw0rd.yaml file, paste your account credentials into it and specify the pass to it.\n- user_password - user password that he or she uses to sign in to your server side.\n\nas a result, you get:\n- encryption key - secret key, that can be used to encrypt user data (for example, photos)\n- record - database passw0rd's record that is associated with the user.\n\n\n#### Verify user record\nThe demo command allows you to verify user password with the `record`:\n```bash\n./passw0rd --config passw0rd.yaml demo verify user_password user_passw0rd_record\n```\n\nwhere:\n- passw0rd.yaml - a config file that contains your account credentials: app_token, app_id, service_public_key, app_secret_key. This file is not created by default. So, create passw0rd.yaml file, paste your account credentials into it and specify the pass to it.\n- user_password - user password that he or she uses to sign in to your server side.\n- user_passw0rd_record - database passw0rd's record that is associated with the user.\n\nAs a result, you get an encryption key and information whether the password is correct or not.\n\n#### Rotate user record\nThis function allows you to use a special `update_token` to update the user's `record`.\n\nUse this flow only if your database has been COMPROMISED! When a user only needs to change his or her own password, use the `enroll` function (step 5) to replace the user's old `record` value in your database.\n\nto update user's `record`:\n- get [your `update_token` using passw0rd CLI](https://github.com/passw0rd/cli#get-an-update_token)\n- then use the `update token` function to create a new password_record for your users (you don't need to ask your users to create a new password because the original password is not changing, just the protected record of it in the passw0rd system).\n- then update the `record` with the following command:\n```bash\n./passw0rd --config passw0rd.yaml demo update user_passw0rd_record update_token\n```\n\nwhere:\n- passw0rd.yaml - a config file that contains your account credentials: app_token, service_public_key, app_secret_key. This file is not created by default. So, create passw0rd.yaml file, paste your account credentials into it and specify the pass to it.\n- user_passw0rd_record - database user's `record` that is going to be updated.\n- update_token - update token that you got using the update_token command.\n\nAs a result, you get an **updated user's record**.\n\nThen, you have to update the `app_secret_key` and `service_public_key` of your application\n\n```bash\n./passw0rd application update-keys \u003cservice_public_key\u003e \u003capp_secret_key\u003e \u003cupdate_token\u003e\n```\nAs a result, you get **new `app_secret_key` and `service_public_key` of your application**.\n\nSo, now upgrade the passw0rd.yaml file with your new application credentials and use the [verify user password](https://github.com/passw0rd/cli#verify-user-password) step to check whether the password is correct or not.\n\n## License\nSee [LICENSE](https://github.com/VirgilSecurity/virgil-cli/tree/master/LICENSE) for details.\n\n## Support\nOur developer support team is here to help you. Find out more information on our [Help Center](https://help.virgilsecurity.com/).\n\nAlso, get extra help from our support team: support@VirgilSecurity.com.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpassw0rd%2Fcli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpassw0rd%2Fcli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpassw0rd%2Fcli/lists"}