Skip to main content

Project Overview

Secure Password Vault CLI is a small command-line application designed and built with security as the primary goal. It demonstrates secure storage, retrieval, and management of secrets using encryption, environment-based configuration, careful input validation, and safe logging.

Features:

  • Store and retrieve encrypted secrets.
  • Use a master key from an environment variable or user-provided passphrase (key derivation).
  • Minimal, auditable code surface for review.

Threat Model:

  • Attacker with access to the storage file but not the master key.
  • Local attacker attempting to read temporary files or logs.
  • Accidental exposure via insecure defaults.

Lesson: Build small, focused tools with clear threat models and minimal trusted surface area.