A simple, secure CLI-based password vault written in Go.
GoVault stores and retrieves secrets locally using AES-GCM encryption and Argon2id key derivation
- Secure storage with AES-GCM and Argon2id
- Master password verification
- CLI interface for managing secrets
- Fuzzy search for easier key lookups
- Import/export of encrypted vault data
- Password generator (standalone or integrated into
add) - Encrypted local file storage
- Go 1.20 or higher (if building from source)
Download the latest binary from the Releases page for your OS.
Or build from source:
go build -o govault ./cmd/govaultFirst-time run will:
- Prompt you to set a master password
- Generate a salt and hash for verification
- Create an encrypted vault file (
vault.enc) and metadata file (meta.json)
You can view all available commands and flags by running:
govault --helpTo view details for a specific command:
govault <command> --helpExample:
govault add --help
.
├── assets
├── cmd
│ └── govault
├── internal
│ ├── backup
│ ├── crypto
│ ├── fileIO
│ ├── generator
│ ├── logger
│ ├── model
│ └── vault
└── pkg
├── cli
└── cobraCLI- Migrate to SQL database for scalable storage
- Switch from whole vault encryption to per-row encryption
- Tagging system for secrets to enable filtered listing
- Potential future CLI enhancements
This project is licensed under the Apache 2.0.