A simple vaultless password manager in Go ↦
Vaultless as in you do not need to manage a password vault.
Instead of storing your passwords in a vault it derives your password on the fly from your master password and supplied realm string (for example, resource URL).
How cool is that?! Here’s an example use:
gokey -p super-secret-master-password -r example.com
Sign in or Join to comment or subscribe
Now change your password after it’s exposed in a breach :P
To elaborate, I’ve seen many similar schemes/tools, but in the end they either lack the flexibility to accommodate special rules for sites (e.g. some sites have restrictions on which chars), or the number of config knobs end up being a pseudo password that you need to remember anyway.
Add to that the inability to rotate passwords, and it’s really hard to justify not using a vaulted password manager.