All my passwords !?!?!

eidolonFIRE · June 10, 2016, 10:05pm

I finally moved away from using truecrypt to store all my passwords.
Now, I'm using the linux tool, https://gnupg.org/.

I put together a simple set of scripts to make the encrypting / decrypting quick and easy. I'm sharing in case someone finds this handy. AFAIK, most linux distros include gpg so you shouldn't need to install anything.

https://github.com/eidolonFIRE/gpg_scripts

Setup:

Make sure the scripts are executable.

chmod u+x [file]

Encrypting:

nano pswds_tempout.txt
./lockup.sh

Enter password.
New encrypted file is named "pswds_[year]-[mo]-[dy]"
"pswds_tempout.txt" will be deleted.

Decrypting:

Have latest "pswds_[year]-[mo]-[dy]" file in same directory.

./unlock.sh

Enter password.

nano pswds_tempout.txt

Ctrl_Null · June 10, 2016, 10:09pm

damn i thought i was the only one using true crypt

Eden · June 10, 2016, 10:12pm

You may find pass really useful

Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities.

pass makes managing these individual password files extremely easy. All passwords live in ~/.password-store, and pass provides some nice commands for adding, editing, generating, and retrieving passwords. It is a very short and simple shell script. It's capable of temporarily putting passwords on your clipboard and tracking password changes using git.

eidolonFIRE · June 10, 2016, 10:13pm

I'm pretty against password managers just on principle.

Nothing beats the security of an encrypted raw text file.

Eden · June 10, 2016, 10:16pm

Your raw text file is a password manager, just with few features. You did read the description? Its literally an enhanced version of your script.

eidolonFIRE · June 10, 2016, 10:17pm

Right, but I'm only using the base functionality.... encrypt raw text...

Also, I prefer to have everything in one file that I can more easily copy to email / drive / usb. I rarely open it as most passwords are memorized.

This is more about backup for passwords I use once a year or passwords for things I don't use anymore.

Eden · June 10, 2016, 10:23pm

If it works it works, just another option.

Whats your opinion on password managers out of curiosity? My memory is far to crap to remember complex passwords unfortunately. pass actually does a decent job I think. Simple, hook it to git you can sync it to other devices if required.

eidolonFIRE · June 10, 2016, 10:30pm

Well, I very much distrust any of those password managers that backup to the internet. I think a raw text file is going to be less prone to corruption than a saved binary structure that needs to be parsed.

With a simple text file you can clearly see everything that is there. You won't have loss from db corruption or failure to sanitize input.

The only exception to this is that I use chrome to keep track of low security passwords for some websites... (anything related to games, forums, etc) However, I never have it "keep track" of anything related to banking, credit cards, or taxes. EVER. I also have unique passwords for anything that involves sensitive data and all passwords are 12 characters or more.

tsuser1729 · June 11, 2016, 2:55pm

Make a tabula recta