website/content/blog/2016-08-16-pass-password-manager.md

4 KiB
Raw Blame History

id title date author aliases permalink medium_post mf2_cite bridgy_syndication mf2_syndicate-to tags
919 Pass the password manager 2016-08-16T23:37:09+00:00 Brandon Rozek
/2016/08/pass-password-manager/
/2016/08/pass-password-manager/
O:11:"Medium_Post":11:{s:16:"author_image_url";N;s:10:"author_url";N;s:11:"byline_name";N;s:12:"byline_email";N;s:10:"cross_link";s:2:"no";s:2:"id";N;s:21:"follower_notification";s:3:"yes";s:7:"license";s:19:"all-rights-reserved";s:14:"publication_id";s:2:"-1";s:6:"status";s:4:"none";s:3:"url";N;}
a:4:{s:9:"published";s:25:"0000-01-01T00:00:00+00:00";s:7:"updated";s:25:"0000-01-01T00:00:00+00:00";s:8:"category";a:1:{i:0;s:0:"";}s:6:"author";a:0:{}}
https://twitter.com/B_RozekJournal/status/790336614866100224
a:1:{i:0;s:4:"none";}
Security

Looking over the list of programs installed on my computer, one of my all time favorites is a program called Pass. Its a program available under most Linux distributions, Mac OS X (through Brew), Windows, Android, and iOS. It stores all of the passwords using gpg encryption and stores them as actual files on the hard disk. Meaning if you wanted, you can sync them to all your devices!

This program assumes a light familiarity with the terminal

Setup

First if you do not already have a gpg key, create one.

Then in the terminal type in

pass init youremail@address

Substituting youremail@address with the email associated with your gpg key.

This will autmatically create an empty repository under your home folder in a folder labeled .pass

If you are switching from an existing password manager, check to see if on the Pass homepage, there doesnt exist a script to help you out

Basic Tasks

To insert a password into pass

pass insert password-name

It will then prompt you to enter the password

To show passwords you have already inserted

pass

To show an individual password

pass password-name

But generally I find it handy to have it automatically in my clipboard. You can do that with the -c option

pass -c password-name

You can generate new secure passwords using pass. (-c copies the result into your clipboard)

pass generate -c password-name password-length

If you dont want it to output symbols, use the -n option to restrict it to alphanumericals

pass generate -n -c password-name password-length

Another command i find handy is the find command. Mainly because I have over a 100 passwords in this system and i tend to forget what I named some of them

pass find search-string

There are too many commands to list them all, but if you ever want to find out more, check out the manual entry page for pass

man pass

Extra: Syncing

I use a nextCloud instance on my server to sync my passwords, but I dont see a reason why this wouldnt work with other projects like dropbox, syncthing, or any other sync solution

Some sync solutions dont like to sync folders that begin with a ., my solution around this is to create a symbolic link between that and a folder you wish to link it to

ln -s /path/to/home/folder/.password-store /path/to/sync/folder/password-store

Then you just need to make sure to make the same link to all your other computers

Conclusion

I like Pass for its ease of use and for the fact that Im not tied into any one company for managing my passwords. Its based on open source tools and the fact I didnt have to configure a database is a huge plus for me

If youre in a need of a password manager (I hope you have more than one password), then give pass a shot. It served me and my many passwords well.