

Show HN: keys - a password manager for hackers - arete
https://github.com/wg/keys

======
bhauer
Anything by Will Glozer requires an upvote in my book.

Plus, as a private, installable, client-server solution, this is genuine
progress toward solving the problem posted by a recent Ask HN question: "How
does your business manage passwords?" [1]

[1]
[https://news.ycombinator.com/item?id=6061415](https://news.ycombinator.com/item?id=6061415)

------
arete
keys ([https://github.com/wg/keys](https://github.com/wg/keys)) is the
password manager I've always wanted. It's a client/server application with a
command line UI, and the server can run on a mobile device so your credentials
are available wherever needed.

keys is open source (GPLv3) and includes a basic Android app that runs the
server. The code should run on iOS as well, but the lack of background
networking is an issue.

keys provides strong protection for credentials. For details please read
SECURITY, but to summarize everything is encrypted with AES in GCM mode using
a randomly generated key, which in turn is encrypted with with a key derived
from a password via the scrypt KDF. Network communication occurs over mutually
authenticated TLS 1.2 connections.

If you'd like to try the Android app without the hassle of building it
yourself, please join [https://groups.google.com/forum/#!forum/keys-
app](https://groups.google.com/forum/#!forum/keys-app) and I'll send you a
Play store beta test link.

Enjoy!

