Anything by Will Glozer requires an upvote in my book.<p>Plus, as a private, installable, client-server solution, this is genuine progress toward solving the problem posted by a recent Ask HN question: "How does your business manage passwords?" [1]<p>[1] <a href="https://news.ycombinator.com/item?id=6061415" rel="nofollow">https://news.ycombinator.com/item?id=6061415</a>
keys (<a href="https://github.com/wg/keys" rel="nofollow">https://github.com/wg/keys</a>) is the password manager I've always wanted. It's a client/server application with a command line UI, and the server can run on a mobile device so your credentials are available wherever needed.<p>keys is open source (GPLv3) and includes a basic Android app that runs the server. The code should run on iOS as well, but the lack of background networking is an issue.<p>keys provides strong protection for credentials. For details please read SECURITY, but to summarize everything is encrypted with AES in GCM mode using a randomly generated key, which in turn is encrypted with with a key derived from a password via the scrypt KDF. Network communication occurs over mutually authenticated TLS 1.2 connections.<p>If you'd like to try the Android app without the hassle of building it yourself, please join <a href="https://groups.google.com/forum/#!forum/keys-app" rel="nofollow">https://groups.google.com/forum/#!forum/keys-app</a> and I'll send you a Play store beta test link.<p>Enjoy!