Password management in the terminal done right.
Update: Some time ago I wrote a little more detailed intro to
pass on the
I spend most of my time in front a computer in the terminal … I’m used to it, and I like it a lot. There’s nothing (well, almost nothing) a terminal app or a combination of apps can’t do (way better some times that its graphical counterparts).
One of those apps that’s particularly useful is pass. A password manager for the terminal.
Is quite simple. It creates a hierarchy of folders and files in
~/.password-store by default) and encrypts them with
your GPG key.
It can copy the recovered passwords to the clipboard, has
zsh completion. Can generate random passwords for you and more …
You can also create multi-line stores with extra information, but just
the first line will be copied to the clipboard when you use
They have a great web page explaining all that, and a really good man page, so there’s no excuse to have ugly methods for managing your passwords … or no methods at all !
The things I use the most:
pass -c site/foo.com/username
This one gets the password for
email@example.com and puts it on your
pass generate -c firstname.lastname@example.org
This one generates a random password, stores it on
and copies it to the clipboard. Pretty useful when you’re singing in to
a new service.
pass edit foo/bar/baz
This one edits one of your entries. Mind that generate won’t ask for password, as you’re encrypting to your GPG public key, but edit or show will. It’s a good idea to have GPG agent setup, so you can control how/when passwords are requested.