blog/content/software/pass.md

39 lines
2.1 KiB
Markdown

---
Title: Manage your passwords with pass
Date: 2019-04-22 19:00
Modified: 2019-04-23 14:24
Author: Fabrice
Category: software
Tags: pass, git
Slug: password-store
Header_Cover: images/covers/clovers.jpg
Summary: A simple password manager that relies on gpg, and synchronized with git.
Lang: en
---
As security breaches are discovered regularly, and so leakage happens, it is recommended to have a different password on each account.
However, this task is obviously a pain to maintain by hand. I did use a notebook back in 2003, which I lost within a month, given that I'm a very organized person.
Hopefully, many password managers exist, with similar features: cross-platform (especially smartphone support), password generation,browser integration…
I'm not here to compare them, if you want to give a look, [wikipedia](https://en.wikipedia.org) provides a nice comparison table [**there**](https://en.wikipedia.org/wiki/List_of_password_managers).
However, thanks to [moviuro](https://try.popho.be), my choice is [pass](https://www.passwordstore.org/) along with [pass-otp](https://github.com/tadfisher/pass-otp#readme) (and [passmenu](https://git.zx2c4.com/password-store/tree/contrib/dmenu)).
I don't intend either to make a comprehensive guide, as those already populate the internet, for example [**here**](https://medium.com/@chasinglogic/the-definitive-guide-to-password-store-c337a8f023a1).
To make it short, pass is a bash scripts using [git](https://git-scm.com/), [gpg](https://www.gnupg.org/) written by [zx2c4](https://www.zx2c4.com/).
Here are just some commands I often use.
```sh
pass generate -i <pass-name>
```
To regenerate a password, the `-i` is important to avoid overwritting the whole file and having to rely on [dirty git](/git-tricks.html) to withdraw your mistake (`pass <cmd>` will automatically commit your change)… I sometimes forget it, so let's put it here as a reminder.
```sh
pass git <whatever you want>
```
To do whatever you want with git, especially *dirty git* 😉
And finally, I'm using [password-store](https://f-droid.org/en/packages/com.zeapo.pwdstore/) on my android phone.