Password Store is a command line utility for managing your passwords. The passwords are stored in an encrypted file which makes use of gpg. It also allows you to use git to track password changes.
pass isn’t as feature-rich compared to Last Pass or 1Password though.
Setup
Setup is pretty easy. It only requires gpg which can be installed via brew. Optionally, you can install git if you want to track changes in your storage.
$ brew install gpg pass
GPG (skip if you already have a key)
You would need to set up your gpg key if you don’t have one.
$ gpg --gen-key
You will then be presented with this prompt:
$ gpg --gen-key
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection?
Select the default (RSA and RSA). The other steps will depend on how you want your key to be set up.
Pass
Initialize pass:
$ pass init
This will create a directory in your $HOME called .password-store.
Usage
pass help provides a list of all available commands so I’ll probably just list here the basics. pass simply lists all your stored passwords.
Inserting
pass treats / similar to subfolders. An example is this:
$ pass
Password Store
├── foo
│ └── bar.gpg
│ └── baz.gpg
└── bar
└── foo.gpg
This can be accomplished by invoking the commands:
$ pass insert foo/bar
Enter password for foo/bar:
Retype password for foo/bar:
$ pass insert foo/baz
Enter password for foo/baz:
Retype password for foo/baz:
$ pass insert bar/foo
Enter password for bar/foo:
Retype password for bar/foo:
Editing
Editing is similar to inserting.
$ pass edit foo/bar
You will then be asked to enter your password for your key. This will open up your default editor where you can modify your password.
Reading
This is similar to editing in which pass would open up a prompt which asks your password for your key.
To display your password, invoke this command:
$ pass foo/bar
To copy your password in the clipboard, just add the -c flag. pass removes it from the clipboard after 45 seconds.
Storage
pass supports git. Depending on how you want it stored, you can either track it on Github or some other service. A few posts in SO say that it’s fine to store them on github.
A quick rundown on using pass with git:
$ pass git remote add <alias> <remote>
$ pass git push
Everytime you insert, modify, or delete a password, pass issues a commit.
