Argon2 provides a key derivation function that was declared winner of the 2015 Password Hashing Competition.

Hashcat-utils are a set of small utilities that are useful in advanced password cracking. They all are packed into multiple stand-alone binaries. All of these utils are designed to execute only one specific function. Since they all work with STDIN and STDOUT you can group them into chains.

This package provides a tool to demonstrate how easy it is to gain unauthorized access to a system by automatically attempting logins and passwords. It supports a wide range of protocols including SSH, SMTP and HTTP.

This package provides an ssh-agent implementation that stores and secures keys through Himitsu.

This package provides an encrypted password manager, forked from the password-store package. Files are encrypted with the age encryption package with small explicit keys.

FPM2 is GTK2 port from Figaro's Password Manager originally developed by John Conneely, with some new enhancements.

Upstream development seems to have stopped. It is therefore recommended to use a different password manager.

This package provides a simple command-line tool to convert SSH ed25519 keys to age keys.

Password-store is a password manager which uses GnuPG to store and retrieve passwords. The tool stores each password in its own GnuPG-encrypted file, allowing the program to be simple yet secure. Synchronization is possible using the integrated git support, which commits changes to your password database to a git repository that can be managed through the pass command.

Himitsu is a daemon-oriented secret storage tool, including both a client and daemon program. Secrets, including passwords and keys, may be requested either through clients such as himitsu-ssh or through the included hiq tool. Upon request, the user is prompted to authorize access for that process to that specific secret. Himitsu uses the Hare cryptographic library, which has not been audited.

Browserpass is a browser extension for pass, a UNIX-based password store manager. It allows you to auto-fill or copy to clipboard credentials for the current domain, protecting you from phishing attacks.

This package only contains the Browserpass native messaging host. You must also install the browser extension for GNU IceCat or ungoogled-chromium separately.

assword is a simple password manager using GPG-wrapped JSON files. It has a command line interface as well as a very simple graphical interface, which can even "type" your passwords into any X11 window.

Rofi-pass provides a way to manipulate information stored using password-store through rofi interface:

1. open URLs of entries with hotkey;

2. type any field from entry;

3. auto-typing of user and/or password fields;

4. auto-typing username based on path;

5. auto-typing of more than one field, using the autotype entry;

6. bookmarks mode (open stored URLs in browser, default: Alt+x).

Maskprocessor is a high-performance word generator with a per-position configureable charset.

pass-git-helper is a git credential helper which uses pass, the standard unix password manager, as the credential backend for your git repositories. This is achieved by explicitly defining mappings between hosts and entries in the password store.

YAPET is a text based password manager using the Blowfish encryption algorithm. Because of its small footprint and very few library dependencies, it is suited for installing on desktop and server systems alike. The text based user interface allows you to run YAPET easily in a Secure Shell session. Two companion utilities enable users to convert CSV files to YAPET and vice versa.

Hashcat is an password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. Hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking.

This package provides a GTK prompter for Himitsu, used to request user consent for application access to stored secrets.

Pass OTP is an extension for password-store that allows adding one-time-password (OTP) secrets, generating OTP codes, and displaying secret key URIs using the standard otpauth:// scheme.

pwsafe is a command line tool compatible with Counterpane's Passwordsafe.

This package provides a flexible and scriptable password generator which generates strong passphrases, inspired by XKCD 936.

OTPClient is a GTK+-based OTP client, supporting TOTP and HOTP.

Passwdqc is a password/passphrase strength checking and policy enforcement toolset, including an optional PAM module, pam_passwdqc, command-line programs (pwqcheck, pwqfilter, and pwqgen), and a library, libpasswdqc.

secretsd is a generic backend for the libsecret API to use on headless systems or minimal desktop environments. It stores secrets in a sqlite database, encrypted using a AES key. The database key is stored in a regular file next to the database by default, but can be read from an external program.

Libpwquality is a library for password quality checking and generation of random passwords that pass the checks.