I used LastPass for years, though they’ve been hacked before and after they where purchased by LogMeIn I decided to finally switch to something else.
I spent awhile experimenting and finally landed on pass which I know you already tried, @sil. I’ve been using it happily on Linux, Windows and Android since ~November of last year.
Every password is stored in a gpg encrypted text file which just contains one line with the password, which provides great security. If the pass
project were ever to die, everything is just a gpg file so you can easily retrieve your passwords and store them in something else.
The pass
program uses git to sync across systems (windows/linux/android/etc), so you can setup your own private git server and sync your encrypted gpg files, which git knows nothing about the contents of said files.
pass
has a browser extension, though I haven’t tried it yet because I’m using a dmenu script with some keyboard shortcuts to make things just as fast IMO.
On Linux
Everything is stored under ~/.password-store/
which looks like:
~/.password-store/website1.com/generic_username.gpg
~/.password-store/website1.com/username2_for_same_site.gpg
~/.password-store/website2.com/[email protected]
~/.password-store/website3.com/[email protected]
~/.password-store/not-a-website/username.gpg
Or if you want to categorize:
~/.password-store/finance/website1.com/generic_username.gpg
~/.password-store/finance/website2.com/[email protected]
~/.password-store/games/website3.com/[email protected]
~/.password-store/work/not-a-website/username.gpg
I use the commandline for adding passwords and pushing/pulling from git, and have bash completions enabled for pass
which makes typing and remembering commands quicker.
To retrieve my password for a website, I use passmenu rather than a brower extention. This is what really has me loving pass.
I just press my keyboard shortcut of choice to launch it:
Then I start typing the website for which I want the password (or browse with arrow keys):
Press enter and the password is automatically copied to my clipboard.
One thing to note is that I changed dmenu
to rofi
in the passmenu script:
< password=$(printf '%s\n' "${password_files[@]}" | dmenu "$@")
> password=$(printf '%s\n' "${password_files[@]}" | rofi -dmenu -p "passmenu:" "$@")
For random password generation, I use pwgen -s
.
On Windows and Android
It’s not as convenient as Linux with passmenu, because you have to use a point and click GUI to pick which password you want, then the password gets copied to your clipboard. Though the experience is on par with most Android or Windows password managers. Plus everything still gets synced with git which is nice.