Why I don't save passwords on browsers anymore

Since a while ago I saw a lot of problems with the browsers’ system of saving passwords for you; undeniably, it's a no-brainer action for a lot of people to save their passwords directly on the browsers because it is easy to access and it's taking away much more time and effort of managing and remembering which password is used for what. However, it comes with a lot of problems because passwords on browsers can be easily misused if anyone could access your sessions or physically have access to your laptop.

That's why I made this article to talk about a tool that I have made using Go and Redis for managing passwords for you locally, easily and most importantly, in a very secure way. (it's not marketing for my product; it's really good actually.)

I have read some articles about cryptography and encryption schemes and I got interested in the idea of implementing something to use these algorithms, and that's how the idea safe-pass emerged. safe-pass is a cli tool that does all the basic CRUD operations for storing the passwords (adding, deleting, editing, and copying), all with secure tunnels of encryption using AES symmetric encryption for doing this task (The algorithm of AES is fascinating if you want to take a shot; listen to this video as a starter). Examples and cases are all well-documented in the README.md file

All the system is locked using a Master Key which is the only password you have to remember (hopefully you are not saving this in the browser). However, if you forget the password for any reason, you only have to run the command in the root mode for a reset and you will be fine. Now let's talk seriously about the differences.

safe-pass has a command for backing the the system to take snapshots, as simple as this

$ safe-pass backup

Backup is created at: /home/abanoub-aziz/.config/safe-pass/safe-pass-2025-08-21:16:52:12.bin
$

And all the passwords/tokens/keys are going to be backed up in a json format and encrypted in a snapshot file and then compressed using the Gzip compression. Now you have a very solid file that you can send and back up in whatever place you want (the default will be at home/username/.config/safe-pass/) without worrying about the data being exposed.

if you want to restore a snapshot? it's as easy as this

$ safe-pass restore
Enter your Master passkey: 
Search: █
? Select a backup file to restore: : 
    .env
  ▸ safe-pass-2025-08-21:16:19:01.bin.gz
    safe-pass-2025-08-21:16:52:12.bin.gz

and for each entry duplicate, the system would ask you first if you want to overwrite or not.

Some people might find this not useful because it takes time to back things up and get your data back, compared to browser saving in one click. Undeniably browser saving is much faster but I find this more convenient and actually pretty fast too because when you need a password, you only have to do simple steps and get the data directly copied to your clipboard without exposing it directly in the terminal like this

$ safe-pass show
Enter your Master passkey: 
✔ passwords
✔ passwords-default:default
Data is copied to your clipboard

Of course you are not going to write all of the things down; it’s a couple of lists and you choose what you want and type initials without exposing the data by copying them to the clipboard.

If you got really unlucky and someone got your pc or laptop, they couldn't access the data in this system without the Master Key, even if they accessed the database itself for getting the passwords through the keys, they will face this

$ redis-cli 
127.0.0.1:6379> KEYS *
1) "passwords-default:default"
2) "passwords-google:personal"
3) "tokens-default:default"
127.0.0.1:6379> GET passwords-default:default
"204b146702d33dd4e53cdc384ff11bc2e30de555ec3312a384106c4ca1c9afa849a8e73068eb505f484ebdd42836"
127.0.0.1:6379>

of course if they are aware enough, they will search for the .env file that contains the key and try to decrypt it but it would take to long and you will probably catch them.

The point is, it's local, safe and easy to access. I have worked a lot to make it convenient and easy to use by providing a very detailed README.md file. it's a simple, but genuinely great, project I have worked on and I hope you enjoy it (especially Linux nerds and terminal lovers). Thanks and Enjoy ;).

If you liked the project, here is the link to check it out:Github