:closed_lock_with_key: Pretty command-line password manager

go get



Travis CI

safely is a command-line tool for managing passwords. It stores all your credentials in a simple JSON-formatted file, encrypted and signed using your private OpenPGP key: this makes it pretty secure and allows manual decryption of the database when needed.


  • Simple database format and GPG-based encryption to avoid lock-in.
  • Fool-proof command-line interface.
  • Support for 2-factor authentication, based on the TOTP algorithm (compatible with e.g. google-authenticator).
  • Support for password strength estimation.

Getting Started

Before starting, note that a running gpg-agent is required for secret key operations, which is generally a good thing since this way safely doesn't need to know your GPG key's passphrase.

You may also want to add the following definition to your gpg.conf:

default-key <your_key_id>

Where <your_key_id> is the ID of your key. This way the --keys <your_key_id> argument used below can be omitted.

To install, simply run:

$ go get


Here are a few usage examples:

  • Create a new database:
$ safely --create --keys <your_key_id>
  • Add a new account:
$ safely --add --keys <your_key_id>
  • Show password of a given account:
$ safely --pass
  • Generate a 2-factor authentication token (you need to provide the 2-factor secret key during --add or --edit):
$ safely --2fa
  • Save password to X clipboard:
$ safely --pass | xclip -loops 1
  • Search accounts matching a string:
$ safely --search google
  • Remove account:
$ safely --remove --keys <your_key_id>

See the man page for more information.


safely is distributed as source code. Build with:

$ make


Copyright (C) 2014 Alessandro Ghedini

See COPYING for the license.