CLI Password Manager

Hacker’s Secret Vault

Imagine you’re a hacker who needs to store dozens of credentials like SSH keys, API tokens, cloud passwords. Writing them in plain text is dangerous. You need a vault: a secure, encrypted place where secrets are stored and retrieved only when needed.

This project builds a Command Line Interface (CLI) Password Manager in Python. It will let you add, retrieve, and manage passwords securely using encryption, file storage, and a simple CLI interface.

Why a Password Manager

Security: Protects sensitive credentials with encryption.
Convenience: Stores multiple passwords in one place.
Automation: CLI commands make retrieval fast and scriptable.
Scalability: Can be extended to support cloud secrets or APIs.
Real‑World Analogy: Like a hacker’s vault - locked, encrypted, and accessible only with the right key.

Core Components

Encryption: Use cryptography library (Fernet symmetric encryption).
Storage: Save encrypted passwords in a local file (vault.json).
CLI Interface: Use argparse for commands (add, get, list).
Master Key: Protects all stored credentials.

Implementation – Step by Step

Setup Encryption

from cryptography.fernet import Fernet

# Generate a key (run once and save securely)
key = Fernet.generate_key()
cipher = Fernet(key)

# Encrypt and decrypt
encrypted = cipher.encrypt(b"my_secret_password")
print("Encrypted:", encrypted)

decrypted = cipher.decrypt(encrypted)
print("Decrypted:", decrypted.decode())

2. Vault Storage

import json

def save_vault(vault, filename="vault.json"):
    with open(filename, "w") as f:
        json.dump(vault, f)

def load_vault(filename="vault.json"):
    try:
        with open(filename, "r") as f:
            return json.load(f)
    except FileNotFoundError:
        return {}

3. CLI Interface

import argparse

parser = argparse.ArgumentParser(description="CLI Password Manager")
parser.add_argument("command", choices=["add", "get", "list"])
parser.add_argument("--service", help="Service name")
parser.add_argument("--password", help="Password")

args = parser.parse_args()

4. Putting It Together

vault = load_vault()

if args.command == "add":
    vault[args.service] = cipher.encrypt(args.password.encode()).decode()
    save_vault(vault)
    print(f"Password for {args.service} added.")

elif args.command == "get":
    encrypted = vault.get(args.service)
    if encrypted:
        print("Password:", cipher.decrypt(encrypted.encode()).decode())
    else:
        print("Service not found.")

elif args.command == "list":
    print("Stored services:", list(vault.keys()))

Real‑World Usage

# Add a password
python manager.py add --service github --password mypass123

# Retrieve a password
python manager.py get --service github

# List all stored services
python manager.py list

The Hacker’s Notebook

Encryption (cryptography) secures sensitive credentials. JSON storage keeps vaults lightweight and portable.
CLI (argparse) makes the tool scriptable and user‑friendly. Password managers are critical for DevOps, cloud, and security workflows.

Hacker’s Mindset: treat this project as your secret vault. It’s the foundation for managing credentials securely in real‑world systems.

Tips, Tricks, Roadmaps, Resources, Networking, Motivation, Guidance, and Cool Stuff ♥

Updated on Jan 3, 2026

Module 1: Foundations

Module 2: Control Flow

Module 3: Data Structures

Module 4: Functions

Module 5: OOP Programming

Module 6: Advanced Python

Module 7: Libraries

Module 8: Python for DevOps

Module 9: Capstone Projects