DEV Community

Stephano Kambeta
Stephano Kambeta

Posted on

Project: Build a Password Generator + Manager in Termux

#terminal #termux #python #password

If you’re tired of juggling weak passwords or reusing the same one across dozens of accounts, it’s time to take control. In this project, we’ll build a simple yet powerful Password Generator + Manager in Termux — all from your Android device. No paid tools. No heavy apps. Just lightweight Python scripts and Termux magic.

By the end of this guide, you’ll have a script that generates strong, unique passwords and securely stores them for easy access. Plus, we’ll talk about adding basic encryption to keep things safer from prying eyes.

Why Build Your Own Password Manager?

  • Full control: No cloud storage or third-party apps that could be breached.
  • Lightweight and portable: Works directly in Termux without eating up storage.
  • Educational: You’ll understand how password generation, storage, and encryption work.

And let’s face it, with cybercrime becoming more sophisticated, keeping your credentials secure is no longer optional — it’s a survival skill.

Step 1: Set Up Your Termux Environment

First, make sure Termux is ready. If you haven’t installed it yet, follow this installation guide.

pkg update && pkg upgrade
pkg install python git nano

Check your Python version:

python --version

Step 2: Build the Password Generator

Let’s start by creating a basic Python script for generating strong passwords.

nano password_generator.py

Paste this code:

import random
import string

def generate_password(length=16):
    characters = string.ascii_letters + string.digits + string.punctuation
    return ''.join(random.choice(characters) for _ in range(length))

if __name__ == "__main__":
    length = int(input("Enter password length (default 16): ") or 16)
    password = generate_password(length)
    print(f"Your new password: {password}")

Save and run it:

python password_generator.py

Try different lengths to see the results. This simple generator already produces complex, brute-force-resistant passwords, but we’re just warming up.

Step 3: Create a Secure Password Manager

Now, let’s take it a step further: store your passwords securely. We’ll use Python’s cryptography library for encryption.

pip install cryptography
nano password_manager.py

Paste this code:

from cryptography.fernet import Fernet
import os, json

KEY_FILE = "key.key"
DATA_FILE = "passwords.json"

# Generate or load encryption key
def load_key():
    if not os.path.exists(KEY_FILE):
        key = Fernet.generate_key()
        with open(KEY_FILE, "wb") as key_file:
            key_file.write(key)
    with open(KEY_FILE, "rb") as key_file:
        return key_file.read()

key = load_key()
cipher = Fernet(key)

# Load existing data
if os.path.exists(DATA_FILE):
    with open(DATA_FILE, "r") as file:
        passwords = json.load(file)
else:
    passwords = {}

def add_password(service, password):
    passwords[service] = cipher.encrypt(password.encode()).decode()
    with open(DATA_FILE, "w") as file:
        json.dump(passwords, file)

def get_password(service):
    if service in passwords:
        return cipher.decrypt(passwords[service].encode()).decode()
    else:
        return None

if __name__ == "__main__":
    action = input("Choose action (add/get): ").strip().lower()
    service = input("Enter service name: ").strip()
    if action == "add":
        pwd = input("Enter password: ").strip()
        add_password(service, pwd)
        print(f"Password for '{service}' added.")
    elif action == "get":
        pwd = get_password(service)
        if pwd:
            print(f"Password for '{service}': {pwd}")
        else:
            print("No password found.")

Save and run:

python password_manager.py

Now you can securely add or retrieve passwords for different services — fully offline and encrypted.

Optional Enhancements

  • Master password protection: Add a password check before accessing the manager.
  • Backup system: Encrypt and store a backup in your private cloud.
  • Integration with phishing research tools: Use with MaxPhisher or Zphisher testing to store test credentials securely.

Best Practices for Using Your DIY Manager

  • Always use a VPN like Surfshark when syncing or transferring backups.
  • Follow network security best practices to prevent snooping on your local device.
  • Regularly update your Termux environment and Python packages.

Why This Matters

Weak credentials are one of the biggest attack vectors. From IoT hijacking to targeted phishing attacks, compromised passwords often start the domino effect. By building your own generator and manager, you reduce reliance on third-party systems and close one more door to attackers.

Next Steps

  • Expand this project into a full CLI app with search and list features.
  • Combine it with your other quick Termux projects for a more automated workflow.
  • Deep dive into threat intelligence to understand how attackers exploit weak credentials.

Final Thoughts

This project isn’t just about coding a utility — it’s about adopting a proactive mindset toward security. With just a few lines of Python and the flexibility of Termux, you can create tools that rival paid solutions while keeping your sensitive data under your control.

Stay curious, stay secure, and remember: the best way to learn cybersecurity is by building solutions yourself.

Top comments (0)