A minimal, local, file-backed credential manager written in Python. It stores encrypted secrets (name, username, password, URL, comments) on the local machine and protects them with a master password.
This project is a hobby project and may contain bugs or incomplete features. Use cautiously and do not rely on it for critical or production secrets without reviewing the code and understanding the risks.
-
First initialization
- On the first run the CLI performs an interactive setup and prompts you to create and confirm a master password. This prepares the application for secure use.
-
Master password (critical)
- The master password is the single, critical key for the vault. All stored secrets are encrypted and require this password to access. If you lose the master password the application cannot recover the secrets.
-
Failsafe & warnings
- The application tracks incorrect master-password attempts and will warn when thresholds are reached. A failsafe protection may activate to protect the data (which can result in data being removed) — treat this as a security feature and act cautiously.
-
Local storage
- All data (metadata and encrypted secrets) is stored on the user's local machine. No cloud storage is used by default.
-
CLI menu options
- Add Secret: interactively add a new secret.
- View Secret: view details for a stored secret (requires master password).
- Update Secret: modify an existing secret.
- Delete Secret: remove a secret from the store.
- List All Secrets: display a list of stored secret names.
- Export to CSV: export stored entries to a CSV file (to a default app location by default); prompts before overwriting an existing file and allows you to choose a different name/location.
- Import from CSV: import entries from a CSV file; prompts before overwriting existing entries or files and lets you select the import file.
- Exit: quit the CLI.
Prerequisites:
- Python 3.8+ (Python 3.11+ tested by project artefacts)
- pip
Install dependencies:
Windows PowerShell:
python -m pip install --upgrade pip; python -m pip install -r requirements.txt
Or use the provided Windows launcher SimpleCredentialManagerCli.bat which attempts to find Python and install
requirements automatically.
-
Start the CLI directly:
python SimpleCredentialManagerCli.py
-
Or use the OS-specific launcher scripts:
- Windows: run
SimpleCredentialManagerCli.bat(this will open the CLI in a new Command Prompt window) - POSIX: run
./SimpleCredentialManagerCli.sh
On first run:
- You'll be prompted to create a master password and re-enter it. The app will create the metadata and secrets files on your local machine.
- Keep the master password safe. If you lose it, the application cannot recover the secrets (they are encrypted with a key derived from the password).
- The
container/directory contains a Dockerfile that builds an Ubuntu-based image with the dependencies needed to run the CLI in an isolated environment. This is useful to test the project in a disposable environment before running it on your local machine. - Important: by default the container does not map any host directories or volumes. Any data (secrets or metadata) created inside the container will be lost when the container stops or you log out, unless you explicitly mount a host directory or Docker volume for persistence.
To build and run the container:
cd container
docker build -t simple-credential-manager .
docker run -it --rm simple-credential-manager
This project includes a LICENSE file at the repository root. Check it for licensing details.
For questions or contributions, open an issue or a pull request against the repository.