Convert Figma logo to code with AI

gopasspw logogopass

The slightly more awesome standard unix password manager for teams

6,204
511
6,204
85
View on GitHub

Top Related Projects

FiloSottile's avatar

age

18,759

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

getsops's avatar

sops

18,348

Simple and flexible tool for managing secrets

bitwarden's avatar

clients

10,119

Bitwarden client apps (web, browser extension, desktop, and cli).

keepassxreboot's avatar

keepassxc

23,002

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.

dani-garcia's avatar

vaultwarden

45,992

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

lastpass's avatar

lastpass-cli

2,881

LastPass command line interface tool

Quick Overview

Gopass is a password manager for teams, built with Go. It is designed to work with multiple users and GPG encryption, allowing secure sharing of passwords and secrets across team members. Gopass is command-line focused but also offers GUI integrations.

Pros

  • Strong encryption using GPG
  • Multi-user support for team password management
  • Git integration for version control and synchronization
  • Extensible with plugins and custom templates

Cons

  • Steep learning curve for non-technical users
  • Primarily command-line based, which may not appeal to all users
  • Requires GPG setup, which can be complex for beginners
  • Limited native GUI options compared to some other password managers

Code Examples

  1. Storing a new password:
gopass insert myaccount/username

This command prompts for a password and stores it under the "myaccount/username" path.

  1. Generating a new password:
gopass generate myaccount/newuser 20

This generates a 20-character password and stores it under "myaccount/newuser".

  1. Retrieving a password:
gopass show myaccount/username

This displays the password stored under "myaccount/username".

Getting Started

  1. Install Gopass:

    # On macOS with Homebrew
brew install gopass

# On Linux with apt
sudo apt-get install gopass

  2. Initialize Gopass:

    gopass init

  3. Add a new password:

    gopass insert email/personal

  4. Retrieve a password:

    gopass show email/personal

For more detailed instructions and advanced usage, refer to the official Gopass documentation.

Competitor Comparisons

FiloSottile logo

age

18,759

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

Pros of age

  • Simpler and more focused on file encryption
  • Designed for modern cryptography with a clean, minimal interface
  • Faster performance for large file encryption

Cons of age

  • Limited password management features compared to gopass
  • Lacks advanced organizational capabilities for storing multiple secrets
  • No built-in password generation functionality

Code Comparison

age:

recipient, err := age.ParseX25519Recipient(pubKey)
file, err := os.Open("secret.txt")
encrypted, err := age.Encrypt(file, recipient)

gopass:

store := root.New(cfg)
sec, err := store.Get(ctx, "path/to/secret")
err = store.Set(ctx, "path/to/secret", secret.New("mysecret", "mypassword"))

age focuses on simple file encryption with a streamlined API, while gopass provides a more comprehensive password management solution with additional features for organizing and storing multiple secrets. age is better suited for straightforward file encryption tasks, whereas gopass offers a full-featured password management system with hierarchical storage and team collaboration capabilities.

getsops logo

sops

18,348

Simple and flexible tool for managing secrets

Pros of sops

  • Supports multiple cloud providers (AWS, GCP, Azure) for key management
  • Allows partial encryption of files, maintaining readability
  • Language-agnostic, can be used with various file formats (YAML, JSON, ENV)

Cons of sops

  • Requires external key management services for optimal security
  • Less integrated password management features compared to gopass
  • May have a steeper learning curve for users new to encryption concepts

Code Comparison

sops:

myapp:
    db:
        user: ENC[AES256_GCM,data:...] # Encrypted value
        password: ENC[AES256_GCM,data:...] # Encrypted value
    api_key: ENC[AES256_GCM,data:...] # Encrypted value

gopass:

$ gopass insert myapp/db/user
Enter password for myapp/db/user: ********
$ gopass insert myapp/db/password
Enter password for myapp/db/password: ********
$ gopass insert myapp/api_key
Enter password for myapp/api_key: ********

Both tools offer secure secret management, but sops focuses on file-based encryption with cloud key management support, while gopass provides a more traditional password store approach with Git integration.

bitwarden logo

clients

10,119

Bitwarden client apps (web, browser extension, desktop, and cli).

Pros of Bitwarden

  • Cross-platform support with native clients for various operating systems and browsers
  • User-friendly graphical interface, making it accessible for non-technical users
  • Robust sharing features for teams and organizations

Cons of Bitwarden

  • Requires a centralized server, which may raise privacy concerns for some users
  • Less flexibility for power users who prefer command-line interfaces
  • Potentially slower performance compared to local password managers

Code Comparison

Bitwarden (TypeScript):

export class PasswordGenerationService {
  async generatePassword(options: PasswordGenerationOptions): Promise<string> {
    const lowercase = 'abcdefghijklmnopqrstuvwxyz';
    const uppercase = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    const numbers = '0123456789';
    // ... (implementation details)
  }
}

Gopass (Go):

func (s *Store) Generate(name string, length int, symbols bool) (string, error) {
	chars := lowercase + uppercase + digits
	if symbols {
		chars += syms
	}
	// ... (implementation details)
}

The code snippets show different approaches to password generation. Bitwarden uses TypeScript and offers more granular options, while Gopass uses Go and provides a simpler interface. Both implementations allow customization of character sets and length.

keepassxreboot logo

keepassxc

23,002

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.

Pros of KeePassXC

  • User-friendly graphical interface, making it more accessible for non-technical users
  • Cross-platform compatibility (Windows, macOS, Linux) with native applications
  • Built-in password generator with customizable options

Cons of KeePassXC

  • Lacks native cloud synchronization, requiring third-party solutions for syncing across devices
  • Limited command-line interface compared to Gopass
  • Does not support advanced features like secret sharing or team-based access control

Code Comparison

KeePassXC (C++):

void Database::setKey(const CompositeKey& key)
{
    m_key = key;
    m_kdf->randomize();
    m_masterSeed = QByteArray(32, '\0');
    Tools::randomize(m_masterSeed);
}

Gopass (Go):

func (s *Store) Set(ctx context.Context, name string, sec *secret.Secret) error {
	p := s.passfile(name)
	if err := s.storage.Set(ctx, p, sec.Bytes()); err != nil {
		return errors.Wrapf(err, "failed to write secret %s", name)
	}
	return nil
}

Both projects use different programming languages and approaches, with KeePassXC focusing on a GUI-centric design and Gopass emphasizing command-line functionality and extensibility.

dani-garcia logo

vaultwarden

45,992

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

Pros of Vaultwarden

  • Fully compatible with official Bitwarden clients
  • Supports multiple users and organizations
  • Lightweight and efficient, suitable for self-hosting

Cons of Vaultwarden

  • Less extensive CLI functionality compared to Gopass
  • May require more setup for self-hosting

Code Comparison

Vaultwarden (Rust):

#[get("/sync")]
fn sync(headers: Headers, conn: DbConn, nt: Notify) -> Json<Value> {
    let user = headers.user;
    let data = user.sync(&conn, &nt, false);
    Json(data)
}

Gopass (Go):

func (s *Action) Sync(c *cli.Context) error {
    store := c.String("store")
    return s.Store.Sync(ctxutil.WithGlobalFlags(c), store)
}

Vaultwarden provides a web API for syncing, while Gopass focuses on CLI-based syncing. Vaultwarden's code is more web-oriented, handling HTTP requests and database connections. Gopass's code is simpler, reflecting its command-line nature.

Both projects aim to provide secure password management, but with different approaches. Vaultwarden offers a self-hosted Bitwarden-compatible server, while Gopass is a command-line password manager with Git integration. Choose based on your preference for web-based or CLI-centric password management.

lastpass logo

lastpass-cli

2,881

LastPass command line interface tool

Pros of lastpass-cli

  • Seamless integration with LastPass ecosystem and web interface
  • Supports sharing passwords and secure notes with other LastPass users
  • Extensive documentation and user guides available

Cons of lastpass-cli

  • Closed-source backend, limiting transparency and community contributions
  • Requires a LastPass account and internet connection for full functionality
  • Less flexible in terms of customization and extensibility

Code Comparison

lastpass-cli:

# Fetch and show password
lpass show -c --password "Example Entry"

# Generate and add a new password
lpass generate --username user@example.com "New Entry" 20

gopass:

# Fetch and show password
gopass show -c example/entry

# Generate and add a new password
gopass generate example/new-entry 20

Key Differences

  • gopass is fully open-source, while lastpass-cli relies on a proprietary backend
  • gopass offers local storage and offline functionality, whereas lastpass-cli requires internet connectivity
  • lastpass-cli is tightly integrated with the LastPass ecosystem, while gopass is more flexible and can work with various backends
  • gopass provides advanced features like git integration and support for multiple password stores

Both tools offer command-line password management, but they cater to different user needs and preferences. Choose based on your requirements for openness, ecosystem integration, and flexibility.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

gopass Gopher by Vincent Leinweber, remixed from the Renée French original Gopher

Overview

OpenSSF Scorecard Build Status Go Report Card Packaging status MIT License Github All Releases Gopass Slack

The slightly more awesome standard UNIX password manager for teams.

Manage your credentials with ease. In a globally distributed team, on multiple devices or fully offline on an air gapped machine.

  • Works everywhere - The same user experience on Linux, MacOS, *BSD or Windows
  • Built for teams - Built from our experience working in distributed development teams
  • Full autonomy - No network connectivity required, unless you want it

How Does It Work?

By default your credentials are encrypted with GPG and versioned in git. This can be customized easily. The primary interface is the command line, making it an excellent choice for CLI fans, CI/CD systems or anything you can hook it up with. Gopass can also integrate with your browser so you can largely avoid the command line - if you want.

Installation

Necessary prerequisites for running gopass

gopass can operate without any dependencies but most users will use it with gpg and git. An external editor is required to use gopass edit.

Installation through package managers

Homebrew (Linux/MacOS)

homebrew version

brew install gopass

MacPorts (macOS)

macports version

sudo port install gopass

Debian (Ubuntu, Debian, Raspbian, ...)

Warning: Do not install the gopass package for the official repositories. That is a completely different project that has no relation to us.

curl https://packages.gopass.pw/repos/gopass/gopass-archive-keyring.gpg | sudo tee /usr/share/keyrings/gopass-archive-keyring.gpg >/dev/null
cat << EOF | sudo tee /etc/apt/sources.list.d/gopass.sources
Types: deb
URIs: https://packages.gopass.pw/repos/gopass
Suites: stable
Architectures: all amd64 arm64 armhf
Components: main
Signed-By: /usr/share/keyrings/gopass-archive-keyring.gpg
EOF
sudo apt update
sudo apt install gopass gopass-archive-keyring

Fedora / RedHat / CentOS

Fedora version

dnf install gopass

Note: You might need to run dnf copr enable daftaupe/gopass first.

Arch Linux

Arch version

pacman -S gopass

Windows

Scoop version

# WinGet
winget install Git.Git
winget install GnuPG.Gpg4win
winget install gopass.gopass
# Chocolatey
choco install gpg4win
choco install gopass
# Alternatively
scoop install gopass

FreeBSD / OpenBSD

cd /usr/ports/security/gopass
make install

Alpine Linux

apk add gopass

Other installation options

Please see docs/setup.md for other options.

From Source

go install github.com/gopasspw/gopass@latest

Note: latest is not a stable release. We recommend to only use released versions.

Manual download

Download the latest release and add the binary to your PATH.

Quick start guide

Initialize a new gopass configuration:

gopass setup

   __     _    _ _      _ _   ___   ___
 /'_ '\ /'_'\ ( '_'\  /'_' )/',__)/',__)
( (_) |( (_) )| (_) )( (_| |\__, \\__, \
'\__  |'\___/'| ,__/''\__,_)(____/(____/
( )_) |       | |
 \___/'       (_)

🌟 Welcome to gopass!
🌟 Initializing a new password store ...
🌟 Configuring your password store ...
🎮 Please select a private key for encrypting secrets:
[0] gpg - 0xFEEDBEEF - John Doe <john.doe@example.org>
Please enter the number of a key (0-12, [q]uit) (q to abort) [0]: 0
❓ Do you want to add a git remote? [y/N/q]: y
Configuring the git remote ...
Please enter the git remote for your shared store []: git@gitlab.example.org:john/passwords.git
✅ Configured

By default gopass setup will use gpg encryption and git storage. This will create a new password store in $HOME/.local/share/gopass/stores/root and a configuration in $HOME/.config/gopass/config using gpg encryption and git for versioned storage. Users can override these with e.g. --crypto=age to use age encryption instead or opt out of using a versioned store with --storage=fs.

An existing store can be cloned with e.g. gopass clone git@gitlab.example.org:john/passwords.git.

Create a new secret:

gopass create

List all existing secrets:

gopass ls

Copy an existing password to the clipboard:

gopass show -c foo

Remove an existing secret:

gopass rm foo

Other examples:

# Command structure
gopass [<command>] [options] [args]
# Shortcut for gopass show [<key>]
gopass [<key>]

# Enter the gopass REPL
gopass

# Find all entries matching the search string
gopass find github

# List your store
gopass ls

# List all mounts
gopass mounts

# List all recipients
gopass recipients

# Sync with all remotes
gopass sync

# Setup a new store
gopass setup

Screenshot

screenshot

Support

Please ask on Slack.

Contributing

We welcome any contributions. Please see CONTRIBUTING.md for more information.

Credit & License

gopass is licensed under the terms of the MIT license. You can find the complete text in LICENSE.

Please refer to our Contributors page for a complete list of our contributors.