PassDIY

A TUI for password management on HashiCorp Vault.

MIT License

Stars
3
View Code on GitHub Visit Website
Ecosystems: Go

PassDIY

A personal password/token manager TUI for developers to generate various types of hash/salted secrets and store them in their cloud-based Hashicorp Vault

Why PassDIY?

Because managing tokens, pins used in various dummy/dev apps require them to be generated first, and store them somewhere, I personally used 3 sites to generate random API dummy tokens, store them in other site. It become a big mess, and I thought there has to be a simple way where I can generate passwords and Do It mYself hence PassDIY.

Features

  • Generation of strong secrets like pins, passwords, API tokens, passphrases
  • Generate X multiple secrets at once and pick X and X password generation algorithms
  • Hash tokens/passwords with Argon2id
  • Salt tokens/passwords
  • Copy passwords to clipboard
  • Hashicorp Vault integration to connect to secure vault and store generated secrets on cloud

Hashicorp Vault Commands

  • hcpvaultconnect automatically connect to hcp vault via service principle
  • hcpvaultstore store secrets into the vault via name=value format
  • hcpvaultlist list log details about token created at, created by details

Demo

Setup

To allow PassDIY to store and connect to your Hashicorp vault you must create a service principle with Vault Secrets App Manager permission. You would also need to set up following Env variables to successfully connect and store the secrets to specific app in your vault. If you don't care about storing the values you can ignore the below variables and directly run go run main.go

HCP_CLIENT_ID your sp client ID

HCP_CLIENT_SECRET your sp secret

HCP_ORG_ID your HCP org ID

HCP_PROJECT_ID your HCP project ID

HCP_APP_NAME your HCP app name

HCP_API_TOKEN your HCP API token generated from HCP_CLIENT_ID and HCP_CLIENT_SECRET you don't need generate HCP_API_TOKEN every time it expires the PassDIY's hcpvaultconnect command will handle it by automatically connecting for you

you can now clone the repo and run from source

go run main.go

can also build PassDIY with build command and run passdiy

go build

./passdiy

Config

you can config PassDIY's password/token/pin char lengths additional confiurations in config/config.go by changing below values

const (
	PIN_DIGIT_LENGTH      int = 6   // number of ints in pin digit
	API_TOKEN_CHAR_LENGTH int = 60  // number of chars in a API token
	PASWORD_CHAR_LENGTH   int = 40  // number of chars in a password
	PASSPHRASE_COUNT_NUM  int = 5   // number of words in passphrase
	MULTIPLE_VALUE_COUNT  int = 5   // how many password/tokens you want to output
	LOTTERY_WHEEL_COUNT   int = 100 // how many times you want to generate token/password/pins to randomly pick one (pass100, pass10000)
	SALT_EXTRA_LENGTH     int = 10  // how many extra chars you want to add to a password/token
)

Roadmap

  • dynamically change config
  • add more vaults possibly vercel/Azure key vault
  • add more hashing algos

Acknowledgements

License

MIT

Authors

Related Projects
envconsul

Launch a subprocess with environment variables using data from @HashiCorp Consul and Vault.

13 May 2014 2,006
letuspass

Password manager for teams and personal use

17 Aug 2024 4
cli-password-generators

Simple command-line applications for generating passwords

10 Nov 2022 2
shhgit

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket rep...

06 Sep 2019 3,794
bank-vaults

A Vault swiss-army knife: A CLI tool to init, unseal and configure Vault (auth methods, secret en...

07 Mar 2018 2,025
harp

Secret management by contract toolchain

25 Nov 2020 145