Donjon /dɔ̃.ʒɔ̃/ (French): noun, m. Strongest tower of the castle or keep, where the archives and treasure were kept, also used as the last line of defense.
Donjon uses standards for encryption: 2048-bit asymmetric RSA encryption used to prime symmetric 256-bit AES CBC encryption with random padding. In other words, while the NSA will probably be able to read your data should it get its paws on it, it’s unlikely Joe Hacker will.
Online tools exist that serve the same purpose as Donjon, but simply put: they’re generally closed source and host the data somewhere we don’t control. We think the inconvenience of not having a cute toolbar icon for passwords is trumped by better security.
A typical session with Donjon will look unsurprising:
$ dj config:get some_server Please enter the password for your private key > ***** le_password $ dj config:set other_service=s3cr3t Please enter the password for your private key > *****
Donjon will ask for a password every single time. Behind the scenes, a very straightforward crypto implementation using OpenSSL does the magic.
We typicaly sync our Donjon store in the team using Bittorrent Sync to avoid a centralised server.
Head on to Github to have a play.