Re: Password Manager opinions and recommendations
likcoras <email@example.com> writes:
> I think pass (https://www.passwordstore.org/) meets most of your
> requirements. It's a glorified shell script that calls gpg under the
> hood to create passwords that are stored locally (under
I concur with the recommendation for Password Store, in this case.
(that link again, <URL:https://www.passwordstore.org/>).
Someone who has been manually handling their password database should be
right at home with the Password Store system.
> - It does not have a network component.
Password Store uses Git to store the entries, and Git natively allows
distribution of the repository via SSH or HTTPS (and others, of course).
> - You can transfer individual password files, decrypt them yourself
> with gpg, etc.
This is very important! Our password data is too crucial to be locked
into a custom data format needing a specific tool. Password Store avoids
this by using only standard, general-purpose tools.
> - Very straightforward to decrypt with a simple shell script.
> - Uses pwgen to generate passwords, if requested. You can customize
> generation a bit (no special characters, etc.)
For more useful passphrases I can recommend Diceware or ‘xkcdpass’
<URL:https://pypi.python.org/pypi/xkcdpass>. That's a separate tool
though, Password Store does not yet integrate with it.
> - It does not handle automatic password updates.
True. This could be implemented in a custom client though.
Which raises another advantage of Password Store: it is a description of
a password manager *without* specifying the client. There are many
clients that work with this system, as can be seen at the website.
So I use the ‘pass’ command-line client on some machines, QtPass desktop
client on others, and the Android app (available from the F-Droid app
to carry them with me.
\ “Isn't it enough to see that a garden is beautiful without |
`\ having to believe that there are fairies at the bottom of it |
_o__) too?” —Douglas Adams |