Password management in the terminal done right.

2017-07-16

Update: Some time ago I wrote a little more detailed intro to pass on the tilde.institute wiki

I spend most of my time in front a computer in the terminal ... I'm used to it, and I like it a lot. There's nothing (well, almost nothing) a terminal app or a combination of apps can't do (way better some times that its graphical counterparts).

One of those apps that's particularly useful is pass. A password manager for the terminal.

Is quite simple. It creates a hierarchy of folders and files in $PASSWORD_STORE_DIR (~/.password-store by default) and encrypts them with your GPG key.

It can copy the recovered passwords to the clipboard, has bash and zsh completion. Can generate random passwords for you and more ...

You can also create multi-line stores with extra information, but just the first line will be copied to the clipboard when you use -c.

They have a great web page explaining all that, and a really good man page, so there's no excuse to have ugly methods for managing your passwords ... or no methods at all !

The things I use the most:

pass -c site/foo.com/username

This one gets the password for username@foo.com and puts it on your clipboard.

pass generate  -c email/me@foo.com

This one generates a random password, stores it on email/me@foo.com and copies it to the clipboard. Pretty useful when you're singing in to a new service.

pass edit foo/bar/baz

This one edits one of your entries. Mind that generate won't ask for password, as you're encrypting to your GPG public key, but edit or show will. It's a good idea to have GPG agent setup, so you can control how/when passwords are requested.

Have any comments ? Send an email to the comments address.