Why Use C++ to Build a Secure Command-Line Tool?

C++ gives you fine-grained control over memory and performance, which is ideal for building security-conscious tools like a password manager. You have the flexibility to choose and implement robust encryption methods, handle sensitive file operations precisely, and maintain a lightweight footprint by working entirely in the command line without unnecessary dependencies. This project showcases how C++ can be used to solve real-world problems while reinforcing system-level thinking and secure coding practices.

Prerequisites

• A C++ compiler (g++, clang, MSVC)
• Basic familiarity with C++ syntax and the command line
• OpenSSL library installed for encryption
• A text editor or IDE like VSCode, CLion, or Code::Blocks

Step 1: Set Up Your Project

Create a new C++ file named password_manager.cpp. You’ll store and retrieve encrypted passwords from a local file.

#include <iostream>
#include <fstream>
#include <string>
#include <openssl/evp.h>
#include <openssl/aes.h>

This sets up the includes needed for file and encryption operations. Make sure OpenSSL is installed and accessible to your compiler.

Step 2: Define Encryption and Decryption Functions

Below your includes, define helper functions to encrypt and decrypt strings using AES:

std::string encrypt(const std::string& plaintext, const std::string& key) {
    std::string ciphertext = plaintext; // Replace with proper encryption (demo only)
    return ciphertext;
}

std::string decrypt(const std::string& ciphertext, const std::string& key) {
    std::string plaintext = ciphertext; // Replace with proper decryption (demo only)
    return plaintext;
}

Note: For simplicity, we are mocking encryption here. In a real-world app, replace these with actual AES routines using OpenSSL or libsodium.

Step 3: Create the Password Manager CLI

Add a main function with basic options: add, view, or exit. This gives your app its command-line interface:

int main() {
    std::string command, key = "my-secret-key";
    while (true) {
        std::cout << "\nOptions: add, view, exit\n";
        std::cout << "Enter command: ";
        std::cin >> command;

        if (command == "add") {
            std::string site, password;
            std::cout << "Site: "; std::cin >> site;
            std::cout << "Password: "; std::cin >> password;
            std::ofstream file("vault.txt", std::ios::app);
            file << site << " " << encrypt(password, key) << "\n";
            file.close();
        } else if (command == "view") {
            std::ifstream file("vault.txt");
            std::string site, encrypted;
            while (file >> site >> encrypted) {
                std::cout << site << ": " << decrypt(encrypted, key) << "\n";
            }
            file.close();
        } else if (command == "exit") {
            break;
        } else {
            std::cout << "Invalid command.\n";
        }
    }
    return 0;
}

This loop continues until the user types exit. Passwords are saved to and read from a simple text file for demonstration.

Step 4: Compile and Run

Use the following command in your terminal to compile the app (replace paths if needed):

g++ password_manager.cpp -o password_manager -lssl -lcrypto

Then run the compiled program:

./password_manager

Test the app by adding a few site-password pairs and viewing them.

Step 5: Add Basic Security Improvements

• Use real AES encryption instead of placeholder methods
• Encrypt the whole file or each line individually
• Prompt for a master password to unlock the manager
• Use secure password input with no echo

Conclusion

You’ve built a functional, local password manager with C++. While this is a prototype, it introduces file handling, encryption concepts, CLI flow, and system-level development. From here, you can expand the project with full encryption, hashed keys, secure input handling, and even a graphical interface.