rustpwman

rustpwman is a simple password manager written in Rust using the cursive TUI library. You may wonder why someone writes a TUI application in 2025. The main reason is portability without creating a dependency to any of the usual GUI toolkits. rustpwman should work on macOS, Linux and Windows and it should compile without the necessity to install more or less exotic (or maybe even toxic) toolchains. Additionally I like the retro appeal of it and it can be used over SSH.

Building the software

Under Linux and macOS use cargo build --release to build with all features enabled. Under Windows you should call the batch file build_win.bat from a Visual Studio Developer prompt for this purpose. On top of that there is a separate section in this README that deals with building under Windows. If you want a minimal set of features (and therefore a minimal set of dependencies) you can use cargo build --release --no-default-features under Linux, macOS and Windows. In this case the password cache, support for WebDAV, additional crypto algorithms, the automatic local backup feature and the possibility to encode an entry in a QR code are not available.

If you have an older version of this repo on your machine you may need to perform a cargo update after pulling this release otherwise the official version 0.21 of cursive will not build. I am curently using version 1.91.0 of rustc.

How to run the software

The basic concept of rustpwman is to manage a set of entries which have a value or content. The entries are presented in a flat list and no further structuring is offered at the moment. In order to start the program use

rustpwman gui -i <file_name>

or cargo run --release -- gui -i <file_name> which will result, after a successful password entry, in a window similar to this one.

If the file specified through the -i parameter does not exist rustpwman will create a new data file using that name after you have supplied a suitable password.

Getting help

Calling rustpwman help prints information about all available commands and produces the following output

A password manager for the cursive TUI in Rust

Usage: rustpwman [COMMAND]

Commands:
  enc   Encrypt file
  dec   Decrypt file
  gui   Open file in TUI
  cfg   Change configuration
  gen   Generate passwords
  obf   Obfuscate WebDAV password
  help  Print this message or the help of the given subcommand(s)

Options:
  -h, --help     Print help information
  -V, --version  Print version information

Use rustpwman <command> -h to get additional help for each command.

Functionality of the gui command

This is the command you will use the most. It asks for a password and then presents the text user interface which allows you to manage the password data. When using rustpwman gui with the --backup option it is possible to export the whole contents of the password file in plaintext to an HTML file. The purpose of this feature is to allow the user to create an offline backup of the password data in a widely supported file format which can either be stored digitally or in printed form. In order to mirror the behaviour of the rustpwman dec command the user is forced to enter the password of the data file independent of a possibly cached password. After a successfull data export rustpwman starts up in the usual fashion.

The File menu

The File menu contains the following entries.

Save file

Selecting this entry saves the encrypted data file using the password that was specified during program start or has been changed using Change password.

Change password

Using this entry allows to select a new password which is used to encrypt the data file. After a new password has been selected the data file is saved automatically. The new password is also used in subsequent save operations. If rustpwman is compiled with the pwmanclient feature then the password cache is also automatically cleared, as the cached password is now incorrect.

Cache password

Via this entry the password of the container can be cached in pwman. This item is only present if rustpwman is compiled with the pwmanclient feature for the correct platform (see 'Optional Features' below).

Clear cached password

When selecting this entry rustpwman attempts to remove a cached password from pwman. This item is only present if rustpwman is compiled with the pwmanclient feature.

About

Shows an about dialog containing information about the author, the program version and the set of activated build features.

Info

Shows how many entries are present in this data file, how it is accessed, where it is located and how it is encrypted. Additionally it is shown whether the password is currently cached or not.

Undo changes

When an entry is modified, added or deleted rustpwman retains information which allows to undo this modification. Selecting this menu entry opens a dialog which allows to manually undo changes in the reverse order in which they were applied or to undo all unchages which have been recorded since the last time the data file was saved.

Quit and print

Selecting this entry ends the program and prints the value of the currently selected entry as well as the values of all queued entries to the CLI window after the TUI has been closed. About the reasoning behind this idea have a look at the section A note about using the clipboard. Instead of selecting this menu entry you can alternatively press F4.

If your primary goal is to store the contents of an entry in the clipboard you can do that directly by selecting the Copy to clipboard or Copy contents entries from the Entry menu.

Quit

Through this menu entry the program can be closed. Before ending the program it is checked if there are unsaved changes. If there are then the user is warned correspondingly and has the possibility to not end the program in order to save the changed state. Instead of selecting this menu entry you can alternatively press F3.

The Entry menu

This menu contains all operations that are supported with respect to entries. If any entry is modified then the title of the entry list is changed from Entries to Entries * until the file is saved. I.e. if the header is Entries * then there are unsaved changes.

Edit entry

This menu entry allows to manually edit the value or contents of the currently selected password entry. After the edit dialog opens you can additionally either generate a random password and insert it at the current cursor position or insert the current contents of the clipboard at that position.

When inserting a random password into the current entry the user has to specify some parameters which will influence the password generation process. One parameter is the security level in bits (of entropy). This describes how large the set of passwords should be from which the generator selects one at random. A security level of k bits in the context of rustpwman means that there are at least 2**k passwords to choose from (but there may be more). This parameter in essence determines the difficulty for an attacker when performing a brute force password search. The default security level is 80 bits but this can be changed by a config file (see below).

Additionally the user is able to select the set of characters which may appear in the randomly generated password. Currently the following alternatives are offered:

• Base64, (Upper and lower case letters, the digits 0-9 and two special characters: Here $ and ! ).
• Hex (The digits 0-9 and the upper case letters A-F)
• Numeric (The digits 0-9)
• Special: This password generator aims to create pronouncable passwords which are constructed from the following elements: A sequence of two letter groups which consist of a consonant followed by a vowel. There are 420 such groups. Therefore when selecting one of these groups at random each one contains 8.7 bits of entropy. The final four character group is a consonant followed by a three digit number. There are 52*1000 such four character groups so it has an entropy of 15.6 Bits when one is chosen randomly.
• Custom: When selecting this option the user can customize the character set which is used to generate the password.

The controls to select a custom character set are hidden unless you select the custom option. According to the Rust documentation the random number generator underlying the whole process is a thread-local CSPRNG with periodic seeding from OsRng. Because this is local, it is typically much faster than OsRng. It should be secure, though the paranoid may prefer OsRng.

Copy to clipboard

This menu entry can be used to copy the value of the currently selected password entry and the values of all queued entries to the clipboard. For the reasons described below this feature requires an additional tool which accepts its input via stdin and uses that data to set the clipboard contents. The path to this tool can be confgured by calling rustpwman cfg. When you use clip.exe under Windows for this purpose you have to be aware that non ASCII characters may not be displayed correctly after pasting the clipboard data. The reason for this is that clip.exe expects a character encoding different from UTF-8 which is the default for Rust. If you want to prevent this problem you can use paste_utf8.exe -c instead of clip.exe. Instead of selecting this menu entry you can alternatively press F2.

Copy contents

Via this menu entry you can copy the unformatted (leading and trailing white space is trimmed!) contents of the entry to the clipboard. In other words if an entry only contains a secret or a password you can use this entry to copy the password to the clipboard and paste it directly into the corresponding password dialog. As there is, at least in my primary usecases, quite a bit of additional information (for instance URLs, comments or explanatory text) in most entries this is not a general solution for speeding up login to a simple copy and paste operation. When selecting this entry the queue contents (see below) is ignored. Instead of selecting this menu entry you can alternatively press F5.

Add entry

Select this menu item to create a new password entry and edit its contents.

Delete entry

Use this menu entry to delete the currently selected password entry. Before deleting the entry the user is prompted whether the entry is really to be deleted.

Rename entry

Via this menu entry the currently selected entry can be renamed. It is not allowed to use the empty string as a new name. rustpwman also checks that no entry having the new name already exists.

Clear entry

Via this menu entry the contents of the currently selected password entry can be cleared. As with deletion the user is prompted for confirmation before the contents is cleared.

Load entry

This allows to load the contents of a (text-)file into an entry. The current contents of the entry is overwritten.

To QR-Code

This entry is visible when the feature qrcode was used to build rustpwman. Via this entry you can create a QR code which encodes the contents of the entry. This can be useful if you want use data stored in rustpwman on a mobile phone. It is especially handy, if the data stored in rustpwman is a otpauth://-URL which holds the value and the usage parameters of a TOTP secret.

As rustpwman is a text mode only application it can not show images directly. We therefore have to make use of an OS-specific helper application which allows us to display an image stored in the file system of the machine on which rustpwman runs. This also means that the image containing the QR code has to be created before it can be displayed. For this purpose you have to specify the file name in which to store the QR code.

After you have scanned the QR code with your device you most probably want to delete the file again. rustpwman offers to do that for you immedeately after starting the image viewer.

The Queue menu

In version 2.2.0 the notion of an entry queue has been introduced to rustpwman. The idea behind this is that at certain times it is known beforehand that several entries of the password file will be needed to complete a task. Without this feature several copy and paste operations including switching to another application are necessary to retrieve the desired information. Using the entry queue allows password file entries to be marked for being retrieved in addition to the currently selected entry when performing a Copy to clipboard or Quit and print operation. After this operation is completed the queue is emptied.

Add to queue

Use this menu entry to mark the currently selected password file entry for being retrieved when a Copy to clipboard or Quit and print operation occurs. Instead of selecting this menu entry you can alternatively press F1.

Show queue

Select this menu entry to view a list of currently queued password file entries.

Clear queue

Via this menu entry the queue can be emptied.

A note about using the clipboard

It has to be noted that copying and pasting text in its most basic form is not possible in a terminal window while the cursive application is running. This in turn is probably an unfixable problem as cursive by definition controls the cursor in the terminal window, which most likely precludes the OS from "doing its thing".

rustpwman works around this problem in three ways. At first pasting from the clipboard is emulated by spawning a new process in which a command is executed that writes the clipboard contents to stdout. rustpwman can then read the output of that process and write it into the TUI. rustpwman expects that the data to be read from stdout is UTF-8 encoded.

Secondly copying to the clipboard is possible as soon as rustpwman has stopped. When selecting Quit and print from the main menu rustpwman is stopped and the contents of the currently selected entry is printed to the terminal window. The necessary information can now be copied from the terminal into the clipboard and pasted where needed.

The third implemented option is the possibility to copy an entry as a whole to the clipboard by spawning a process that runs a program which is able to transfer the data it receives via stdin to the clipboard. As Rust uses the UTF-8 character encoding this works best when the tool used for this purpose also expects its data in UTF-8.

As additional workarounds there are a possibility to load data from a file into an existing entry using the Load entry menu entry and to export the contents of an entry as a QR code.

Configuration or the functionality of the cfg command

The cfg command

Rustpwman uses a TOML config file for setting the default security level for newly generated passwords, the default password generator, the default PBKDF, CLI commands which can be used to set and retrieve the contents of the clipboard and to view images containing QR codes and optionally the parameters needed for a WebDAV connection. The most convenient way to edit the config file is to use the rustpwman cfg command which will open a window similar to this one

This screenshot was taken while running a version which was compiled with all features. Here is an example for a rustpwman configuration file:

[defaults]
seclevel = 18
pbkdf = "argon2"
pwgen = "special"
clip_cmd = "xsel -ob"
copy_cmd = "xsel -ib"
viewer_cmd = "xdg-open"
bkp_file_name = "/home/user/backup_file.enc"
webdav_user = ""
webdav_pw = ""
webdav_server = ""

Where the entries have the following semantics:

• seclevel has to be an integer between 0 and 31. The security level in bits is calculated as (seclevel + 1) * 8.
• pbkdf is a string that can assume the values scrypt, argon2, sha256
• pwgen is one of the strings base64, hex, numeric or special
• clip_cmd is a string which specifies a command that can be used to write the current contents of the clipboard to stdout.
• copy_cmd is a string which specifies a command that can be used to transfer the data sent to it via stdin to the clipboard.
• viewer_cmd is a string which specifies a command that can be used to show an image, when the qrcode feature is active. This entry is optional.
• bkp_file_name is a string which specifies the name of a file in which to store automatic backup when the writebackup feature is active. This entry is optional.
• See below for an explanation of the webdav_xx entries.

The default value for clip_cmd is xsel -ob, which works on Linux to retrieve the contents of the clipboard, which is filled via CTRL+C or after activating the Copy item from the context menu. If you want to use the primary selection, where text only has to be selected and not explicitly copied then use xsel -op. Remark: I had to manually install xsel on Ubuntu. Under MacOS pbpaste -Prefer txt can be used. For usage under Windows rustpwman provides the ("slightly" overengineered ;-)) tool paste_utf8.exe which can be built in a Visual Studio developer prompt using the build_paste_utf8.bat batch file.

The value copy_cmd uses xsel -ib as a default. This should work under Linux. Use pbcopy under MacOS and clip.exe or paste_utf8.exe -c under Windows.

As the value of viewer_cmd you can use eog (Gnome) or xdg-open on Linux, open -a Preview on MacOS and explorer.exe under Windows.

As a default the config file is stored in the users' home directory in a file named .rustpwman and you can alternatively edit it by hand instead of calling rustpwman cfg. If the environment variable PWMAN_CONFIG is set to a value, then rustpwman will interpret its value as the file name of a separate config file. This can be useful during testing or when using password files on several WebDAV servers. Additionally the option --cfgfile can also be used to specify a dedicated config file. If it is present the value of the option takes precedence over the contents of the environment variable.

Environment variables

You can influence the behaviour of rustpwman via the values of the following environment variables:

Name	Intended use
PWMANCIPHER	If the chacha20 feature is active and this variable is set then the values AES192 and AES256 select AES-192 GCM or AES-256 GCM as a cipher. Any other value selects ChaCha20-Poly1305. If not set AES-256 GCM is used. If an algo is specified on the command line then it takes precendence over the contents of this environment variable.
PWMANBKP	If the feature writebackup is active the contents of this variable specifies the file name to store the backup in. If neither this variable nor the config entry bkp_file_name is set then the default value rustpwman_last.enc will be used. If the config entry is present it takes precedence over the environment variable.
RUSTPWMAN_OBFUSCATION	Key used to obfuscate WebDAV access data, if the webdav feature is active.
RUSTPWMAN_VIEWER	Prefix for the command to start an image viewer to which the file name of the image (containing a QR code) is appended if the qrcode feature is enabled. If the value viewer_cmd in the config file is set it takes precendence over the environment variable.
PWMAN_CONFIG	Full path to an alternative config file. The -c/--cfgfile option takes precedence over the environment variable if the option is specified. If neither the environment variable nor the option is used then the .rustpwman file in the user's home directory will be utilized as a default.

Using rustpwman to generate passwords or the gen command

When you run the rustpwman gen command you can generate one or more passwords without opening a password file. Here a screenshot of the TUI:

Tip: You can pipe the output of rustpwman gen into a program that copies the data it receives via stdin into the clipboard.

Using rustpwman to en- decrypt files or the enc and dec commands

rustpwman enc and rustpwman dec can be used to en- and decrypt arbitrary files even though their main purpose is to allow you to decrypt your password data under one PBKDF or cipher and reencrypt that data using another key derivation function or cipher in case you want to migrate from one PBKDF or cipher to another. On top of that the decrypted password data can be used to export all data from rustpwman in a form which can be processed by other software. Additionally if you are able to create a JSON file of the form described below you can import data from another password manager.

Optional features

Password cache

Beginning with version 1.2.0 rustpwman is being built with support for the password cache implemented in pwman. This feature can be disabled by issuing the command cargo build --release --no-default-features on all supported platforms. When the feature is active rustpwman attempts to read the password for the data file specified by the -i option from the cache provided by pwserv.

If this does not succeed, the user is requested to enter a password as was the case in Version 1.1.0 and below. If on the other hand the password was successfully read, the user is asked to confirm that it should be used. Through the correspondig dialog the user is also able to clear the password from the cache. This can come in handy when the cached password does not match the current password of the file which is to be opened.

Depending on the platform for which rustpwman is being built the feature is named pwmanclientux (Linux and MacOS) or pwmanclientwin (Windows).

WebDAV support

If you build rustpwman with the optional webdav feature enabled you can access password data files on WebDAV shares without explicitly mounting the share first. This rustpwman feature has been successfully tested against a well known cloud storage provider using TLS. The credentials are read from the .rustpwman config file using the following entries:

....
webdav_user = "user"
webdav_pw = "password"
webdav_server = "http://server.test.com/davtest/"

The entry webdav_server can be set to the empty string because it and the value supplied with the -i option are concatenated to form the store location. If this location starts with http then rustpwman assumes that a WebDAV share is to be accessed. Otherwise it is expected that the password file resides in the file system.

The WebDAV password can optionally be stored in an obfuscated way. For this to work the environment variable RUSTPWMAN_OBFUSCATION has to be set to a random value which is then used to encrypt and decrypt the password. Encrypted passwords have to have the prefix ##obfuscated##:. A de obfuscation is only attempted if the environment variable is set and the webdav_pw value in the config file starts with the above mentioned prefix. Obfuscation of a plaintext password can be performed via the rustpwman obf command. When executing this command the user has to enter the password twice and then the obfuscated version is printed to the screen from where it can be copied to the .rustpwman config file. Alternatively the password can be obfuscated via the rustpwman cfg command. It has to be noted that this system of obfuscation only stops the most casual of attackers.

Even though any WebDAV share can be mounted in such a way that it appears as a local drive this feature is in my view worth the additional about 50 dependencies, as it saves you the mouse clicks to actually mount the WebDAV share.

Additional note: Under Linux you have to install the package libssl-dev when compiling with this feature as the TLS implementation of the reqwest library seems to depend on it being present.

Themes

Themes can be specified in the theme file. All theme options are listed in the file and are equivalent to the theme arguments for Cursive. Color values can be in the base format (dark red), hex (#ff8800) or low precision hex (#f00), the borders style option can be of types simple, outset or none. If you remove the theme file, the program will use default terminal values, arguments are not greedy and undefined options will revert to defaults, see defaults at Cursive docs. Support for colouring varies between platforms and console backends.

Support for ChaCha20 Poly-1305 and AES-192 GCM

When you build rustpwman with the chacha20 feature you can use ChaCha20 Poly-1305 or AES-192 GCM as an alternative cipher for password file encryption. These algorithms are activated by setting the environment variable PWMANCIPHER to a value. If the variable is set to the value AES192 or AES256 then AES-192 or AES-256 GCM will be used. Any other value makes rustpwman using ChaCha20 Poly-1305. If the variable is not set when rustpwman is started, then AES-256 GCM is used. Under Linux and MacOS you can for instance use PWMANCIPHER=CHACHA20 rustpwman gui -i input_file.enc to set the environment varible and start rustpwman in one go.

As an alternative to setting an environment variable you can also use the --cipher or -c command line option and one of the parameters aes256, aes192 or chacha20 to determine the cipher which is used by rustpwman. This option works with the enc, dec and the gui command. This may serve as an example: rustpwman gui -i input_file.enc -c chacha20.

ChaCha20 Poly-1305 provides security comparable to AES-256 GCM and so it comes down to a matter of taste which cipher you use. Even though AES-192 has a shorter key than AES-256 a key length of 192 bits should still be past anyones paranoia level. On top of that it is very unlikely that you use a password with a 192 bit or higher entropy to derive the encryption key used by rustpwman in the first place. There are even some (more theoretical) attacks which affect AES-192 less than AES-256 so if you want to use it, here it is.

Automatic local backup of last successfully opened password file

I mostly use rustpwman to access a password file which resides on a WebDAV share stored at a cloud provider. This is all fine and dandy as long as one can access cloud resources. This may not be the case at times when there is no internet connection or if the cloud provider is offline. If the feature writebackup is active rustpwman stores a local copy of the data file after its password has been successfully verified. As a default the backup file is stored in the current directory using the name rustpwman_last.enc. This default can be overriden by setting the environment variable PWMANBKP or the config entry bkp_file_name to the desired name of the backup file. This feature is active by default.

Encoding stored data as a QR code

The feature qrcode allows you to encode data stored in rustpwman as a QR code which is especially useful for recreating TOTP secrets on your mobile phone or any other TOTP enabled device which is able to read the corresponding QR code. rustpwman stores the generated QR code as a PNG image at a location in the file system chosen by the user. rustpwman can also automatically start an image viewer which displays the newly created PNG. For that to work the prefix of the image viewer command has to be specified either in an environment variable called RUSTPWMAN_VIEWER or via the entry viewer_cmd of the .rustpwman config file. rustpwman simply appends the file name of the PNG to the specified prefix and executes the resulting string as a command.

If a config file entry exists it takes precedence over the environment variable. This feature also works if you do not specify a viewer application. In that case you have to open the generated image file manually.

This feature alone adds about 80 dependencies to the project. If you do not plan to use QR codes then build rustpwman without it.

Rustpwman under Windows

Native

The good news is that it works and it even works well. I have tested the pancurses and the crossterm backend of cursive under Windows. The pancurses backend uses a binding to a C library and requires an installed C compiler in order to build. On the other hand Rust itself is dependent on a C compiler when used under Windows. Both backends seem to work.

In order to build rustpwman with all optional features you have to use the command cargo build --release --no-default-features --features pwmanclientwin,chacha20,webdav,writebackup,qrcode. Alternatively you can call the batch file build_win.bat which executes this command and calls build_paste_utf8.bat (see below). If you do not care about the password cache, WebDAV, additional ciphers or QR codes use cargo build --release --no-default-features. You should additionally build the paste_utf8.exe tool by running build_paste_utf8.bat in a Visual Studio developer prompt. This tool enables you to paste the clipboard contents while editing an entry and to copy an entry which contains non-ASCII characters (in my case Umlauts) to the clipboard in such a way that the non ASCII characters are displayed correctly.

This batch file also builds winfilter.exe from the rust source winfilter.rs. This tool copies its stdin to stdout while filtering out the Escape sequence ESC[?1002l from its input (if it appears at the beginning of the stream). Therefore if you pipe the output of rustpwman through winfilter.exe you can cleanup rustpwman's output in order to make further processing easier.

I have tested rustpwman with the pancurses backend in the normal cmd.exe console and the new Windows Terminal. Both work well. It has to be noted though that the pancurses version does not run in the console window from which it was started: It opens a new window. On top of that this window, let's call it the pancurses window, remembers its size from session to session. You can change the font type and size which is used if you right click on the title bar of the pancurses window.

When using the crossterm backend rustpwman is started in the same window in which the command was issued and where the font rendering by pancurses is at times a bit blurry it is absolutely clear when using crossterm. On top of that crossterm is the default backend of cursive. Beginning with version 2.6.4 I have therefore decided to build also the Windows version against the crossterm backend. I have tested this on Windows 11 using the Windows terminal and it works well. You can uncomment the relevant lines in Cargo.toml if you want to keep the pancurses backend.

Windows Subsystem for Linux (WSL)

As expected, building rustpwman for WSL works without problems after installing all dependencies like git, gcc, libssl-dev and libncurses. The resulting application also works but there is a perceptible decrease in performance (TUI flickers a bit when updating the screen) when compared to the native version which uses the pancurses or the crossterm backend. I have not tested rustpwman on WSL in a while.

Some technical information

About the crypto

As a default rustpwman encrypts its data at rest using AES-256 GCM with a 128 bit tag length and a 96 bit nonce. If the feature chacha20 is active when rustpwman is built then ChaCha20 Poly-1305 or AES-192 GCM can be used as an alternative. Obviously a ChaCha20 or AES-192 encrypted file can not be decrypted by a rustpwman version which uses AES-256 GCM only. The encrypted data file is a simple JSON data structure. This may serve as an example:

{
  "PbKdf": "argon2",
  "Salt": "+w1dzd7gyIaR/iBvJJCU5Q==",
  "Nonce": "GqPy617WwqiP2Aha",
  "Data": "4YM5XNvMou3TukBnYCRCMoAhia2jaoBfyRIr+aGJ0dTrZTtiah4dm6W8gKnmt95/mDPBx2E+5Hy8cxz
  ef4vOM0vTjy/2H9EFgpO5m7onxJTzBOgjqtnE4lH6vLiYJ+FN6GW+68Y1X7OgifCln8nP4D++u4vJnZEYgiAMB7Y
  rjdvP7Evp4fHcx6/B/LM1ga7Cg4T57/a8SG7wK7hlBY+CUoVH9HKjzEZAMPyuyai/ZQMjgG1w9Bpn5zNnjntTn/K
  +y0hX209VTiEPK43DO/3d05tPrJfmkJNUsjskTn2teANooIlo9ZG1YMCNxe/r0ns8YPJEAlgS2R5HSNBodqgIiFc
  qQ9mSuta4iwaBG+DAZ5KHmVooLZ+L0djsgKtbEGVjjIVsaO/qFZpx"
}

As a default the actual encryption key is derived from the entered password using the Argon2id key derivation function. rustpwman also allows to alternatively use scrypt or to derive the key from the specified password using the following calculation:

SHA-256( password | salt | password )

where salt is a random value and | symbolizes concatenation. The sole purpose of the SHA-256 based KDF is to offer compatibility to (very) old password files. There is no good reason to use this KDF for new password files. If you still use it then you should migrate your password file to a new KDF using the dec and enc commands. It is also possible to select a password based key derivation function (PBKDF) through the --kdf option or by a config file. Currently scrypt, argon2 and sha256 are valid as a parameter for this option and as a config file entry. As a source for the PBKDF parameter choices https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html has been used. The salt length is always 128 bit.

Format of payload data

The plaintext password data is simply stored as key value pairs in an obvious way using JSON. There is not much more to know than shown in this example:

[
  {
    "Key": "test2",
    "Text": "first test \n"
  },
  {
    "Key": "test42",
    "Text": "second test \n"
  }
]

Due to this extreme simplicity the password files created by rustpwman are really compact. The file which holds my passwords (having about 80 entries) is about 26 KB in size.

Caveats

This section provides information about stuff which is in my view suboptimal and the user should be aware of:

• At the moment I do not attempt to overwrite memory that holds sensitive information when rustpwman is closed. This may be a problem when rustpwman is used in an environment where an attacker can gain access to unsanitized memory previously used by rustpwman. On the other hand it is probably impossible to defend against an attacker who has that level of access and in the end the information stored in rustpwman is used in other applications which most probably do not sanitize their memory.
• When the list of entries changes (after an add or delete) it may be possible that the entry selected after the change is not visible in the ScrollView on the left. I was not successfull in forcing cursive to scroll to the newly selected entry. This is most probably my fault and meanwhile an appropriate warning dialog is displayed.
• On Windows when using the pancurses backend a spurious Escape sequence ESC[?1002l is printed to stdout when the TUI application stops. This does not happen on Linux or MacOS. By piping the output of rustpwman to winfilter.exe you can remove this unwanted data from the output.
• In non --release builds scrypt with the chosen parameters is extremely slow
• At the moment I use release candidates of the crypto routines as their last official releases can not be built without warnings with a reasonably up-to-date rust toolchain