DEV Community

Cover image for Building a Password Manager in Go
Srikanth
Srikanth

Posted on • Edited on

Building a Password Manager in Go

As a software developer, I've always been fascinated by the intersection of security and usability. Recently, I decided to embark on an exciting project: creating a command-line password manager using Go. I want to share the beginning of this journey with you, starting with the very first commit.

The Genesis

On November 27, 2023, I made the initial commit for my project, which I've named "dost" (friend in Hindi, reflecting its role as a helpful companion for password management). This first step, while small, lays the foundation for what I hope will become a robust and user-friendly tool.

Inspiration and Vision

Screenshot of passwordstore.org the command line password manager

While embarking on this project, I drew inspiration from the popular command-line password manager pass. The simplicity and effectiveness of pass caught my attention, and I decided to use its API as a blueprint for building my own password manager in Go.

Diving into the source code of pass was an eye-opening experience. I was intrigued to discover that the entire functionality of this widely-used tool is encapsulated in one comprehensive Bash script. This elegant simplicity is something I admire and hope to emulate in my own project, albeit using Go's strengths.

By studying pass, I've gained valuable insights into the essential features of a command-line password manager and the user experience it should provide. As I continue to develop "dost", I'll be keeping these lessons in mind, aiming to create a tool that combines the simplicity of pass with the performance and cross-platform compatibility benefits of Go.

This exploration has not only provided a roadmap for features to implement but also reinforced my belief in the power of well-crafted, focused tools. I'm excited to see how this inspiration will shape the evolution of "dost" in the coming stages of development.

First Features

The initial commit focused on two core functionalities:

  1. Password Generation: I implemented a basic password generator that allows users to specify their desired password length. This feature aims to create strong, randomized passwords tailored to various security requirements.

  2. Clipboard Integration: To enhance user experience, I ensured that the generated password is automatically copied to the clipboard. This small but crucial feature saves time and reduces the risk of transcription errors.

Technical Insights

Let's dive into some of the technical aspects of this first iteration:

  • Go Version: The project is built using Go 1.21.0, leveraging the language's simplicity and efficiency.
  • External Dependencies: I'm using the github.com/atotto/clipboard package to handle clipboard operations across different operating systems seamlessly.
  • Random Generation: The password generation utilizes Go's crypto/rand package for secure random number generation, crucial for creating unpredictable and strong passwords.
  • Character Set: The password generator includes uppercase and lowercase letters, digits, and a variety of special characters to ensure complexity.

Code Snippets

Let's look at some key parts of the implementation:

  1. Password Generation Function:


func generatePassword(length int) (string, error) {
    const (
        uppercaseLetters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        lowercaseLetters = "abcdefghijklmnopqrstuvwxyz"
        digits           = "0123456789"
        specialChars     = "!@#$%^&*()-_=+[]{}|;:'\",.<>/?"
    )

    allChars := uppercaseLetters + lowercaseLetters + digits + specialChars

    var password string
    for i := 0; i < length; i++ {
        randomIndex, err := rand.Int(rand.Reader, big.NewInt(int64(len(allChars))))
        if err != nil {
            return "", err
        }
        password += string(allChars[randomIndex.Int64()])
    }

    return password, nil
}


Enter fullscreen mode Exit fullscreen mode

This function creates a password by randomly selecting characters from a predefined set, ensuring a mix of uppercase, lowercase, digits, and special characters.

  1. Clipboard Integration:


func writeToClipboard(text string) error {
    return clipboard.WriteAll(text)
}


Enter fullscreen mode Exit fullscreen mode

This simple function utilizes the clipboard package to write the generated password to the system clipboard.

  1. Main Function:


func main() {
    passwordLength := flag.Int("length", 12, "length of your password")
    flag.Parse()

    password, err1 := generatePassword(*passwordLength)
    if err1 != nil {
        fmt.Println("Error generating password:", err1)
        return
    }

    fmt.Println("Generated Password:", password)

    err2 := writeToClipboard(password)
    if err2 != nil {
        fmt.Println("Error writing to clipboard:", err2)
        os.Exit(1)
    }

    fmt.Println("Copied to clipboard! ✅\n")
}


Enter fullscreen mode Exit fullscreen mode

The main function ties everything together. It uses Go's flag package to allow users to specify the password length, generates the password, and copies it to the clipboard.

Command-Line Interface

As you can see in the main function, I've implemented a simple CLI using Go's flag package. Users can specify the desired password length using the -length flag, with a default of 12 characters if not specified.

Looking Ahead

This first commit is just the beginning. As I continue to develop this password manager, I plan to add features such as:

  • Secure storage of passwords
  • Encryption of stored data
  • Search and retrieval functionalities
  • Password strength analysis

I'm excited about the journey ahead and the challenges it will bring. Building a password manager is not just about coding; it's about understanding security principles, user needs, and creating a tool that people can trust with their sensitive information.

Stay tuned for more updates as this project evolves. I'll be sharing my progress, challenges, and learnings along the way. If you're interested in following along or contributing, feel free to check out the project on GitHub.

GitHub logo svemaraju / dost

dost command line password manager written in Go

dost

dost is a CLI password manager written in Go.

Inspired by (Pass)[https://www.passwordstore.org/]

Features

  • Generate random passwords of configurable length
  • Copy generated passwords to clipboard automatically
  • Skip using symbols

Usage

> go build -o dost main.go
Enter fullscreen mode Exit fullscreen mode

Generating password:

> ./dost generate email/vema@example.com
Generated Password: );XE,7-Dv?)Aa+&<{V-|pKuq5

Generating password with specified length (default is 25):

> ./dost generate email/vema@example.com 12
Generated Password: si<yJ=5/lEb3

Copy generated password to clipboard without printing:

> ./dost generate -c email/vema@example.com 
Copied to clipboard! ✅

Avoid symbols for generating passwords:

> ./dost generate -n email/vema@example.com 
Generated Password: E2UST}^{Ac[Fb&D|cD%;Eij>H

Under development

  • Insert a new password manually
  • Show an existing password
  • List all entries
  • Password storage
  • GPG Key based encryption

License

MIT






Top comments (0)