Site logo (light mode)

Key Nest - Password Manager

KeyNest is a secure, interactive CLI password manager built with Node.js, featuring encryption, tagging, and import/export; packaged as an MSI installer.

Author: Berlin BrunoPublished:Aug 15, 2024Updated:Jul 10, 2025

Introducing KeyNest: A Secure, Offline Password Manager for Developers

Managing credentials securely is essential β€” especially for developers who value privacy, simplicity, and control. I'm excited to introduce KeyNest, a lightweight yet powerful open-source CLI password manager built with Node.js, designed to run entirely offline with your data fully encrypted and owned by you.

πŸš€ What Is KeyNest?

KeyNest is a terminal-based password manager for personal use. It encrypts your vault with AES-256-CBC, stores it locally in your home directory, and protects it with a master password.

Whether you're a dev who lives in the terminal or just want a no-nonsense alternative to bloated password managers, KeyNest is for you.

πŸ”§ Key Features

  • βœ… AES-256-CBC Encryption β€” Vault contents encrypted with a key derived from your master password.
  • βœ… Offline by Design β€” No cloud sync, telemetry, or tracking.
  • βœ… Cross-platform CLI β€” Built with Node.js, packaged as a portable .exe and .msi installer for Windows.
  • βœ… Searchable & Taggable β€” Organize entries using tags; search by name or username.
  • βœ… Clipboard Copy β€” Automatically copies passwords to clipboard (Windows).
  • βœ… Import/Export Vault β€” Supports CSV/JSON format.
  • βœ… Master Password Reset β€” Rotate master password without data loss.
  • βœ… Built-in Password Generator β€” Create strong, random passwords with ease.

πŸ’» Example Usage

Choose from options like:

  • βž• Add a new password entry
  • πŸ”‘ Retrieve existing credentials
  • πŸ—‘οΈ Delete old entries
  • πŸ” Search entries by name, tag, or username
  • πŸ“„ Export vault to CSV or JSON
  • πŸ“… Import existing vaults
  • 🧰 Reset your master password


🧐 How It Works

  1. On first launch, you create a master password.
  2. It creates an encrypted vault at:
    • ~/.keynest/vault.json
    • ~/.keynest/.vault-hash
  3. Vault is encrypted using:
    • AES-256-CBC
    • A random IV per entry
    • PBKDF2 (SHA-256) for key derivation
  4. You interact entirely via terminal with a simple menu interface.

πŸ–Ό Screenshots

Main Menu Add Entry Search Vault

image
image
image

πŸ›  Tech Stack

  • Node.js
  • pkg (for packaging binary)
  • WiX Toolset (for .msi installer)
  • chalk, inquirer, fs-extra (for CLI UX)
  • crypto (AES & password hashing)

πŸ“† Easy Windows Installation

  1. Download the MSI installer from the GitHub releases page.
  2. One-click install like any other app.
  3. Launch from terminal by typing:

key-nest

No setup, no config, just secure password management out of the box.

πŸ€” Why I Built KeyNest

Most password managers are:

  • 🧱 Heavy
  • 🌐 Cloud-bound
  • πŸ’Έ Subscription-based
  • πŸ“‰ Overkill for CLI users

KeyNest is built for developers who prefer terminal tools, offline-first design, and own their data.

πŸ“‚ Project Repo & MSI Installer

πŸ”— GitHub: https://github.com/berlinbruno/key-nest
πŸ“† MSI Installer: keynest-release

πŸ“Š Skills Used

  • Node.js
  • JavaScript
  • Command Line Interfaces (CLI)
  • Cryptography
  • CI/CD (semantic-release + GitHub Actions)

πŸ”“ Open Source β€” Get Involved!

KeyNest is MIT-licensed and open to contributors.

  • Suggest a feature
  • Submit a PR
  • Help test cross-platform builds
  • Share screenshots and feedback

🧠 Final Thoughts

KeyNest is ideal if:

  • You want a secure, offline vault
  • You love terminal tools
  • You value simplicity over complexity

This is a project I built out of need β€” and I hope it’s useful to others too.

πŸ‘‰ Try KeyNest, own your passwords.
πŸ’¬ Feedback welcome!