Learn Docker With My Newest Course

Dive into Docker takes you from "What is Docker?" to confidently applying Docker to your own projects. It's packed with best practices and examples. Start Learning Docker →

Updated on June 20, 2023 in #dev-environment

How to Use Pass Which Is a Command Line Password Manager

how-to-use-pass-which-is-a-command-line-password-manager.jpg

I use it multiple times a day and it never fails me. If you're looking for a secure offline password manager, look no further.

Quick Jump:

Back in 2016 I wrote a blog post on using pass. Here we are 7+ years later and I’m still happily using it. I use it to manage about 300 different passwords, API licenses, blobs of text (multiple API key pairs, etc.) and other sensitive information.

Here’s a couple of highlights:
  • Run commands like pass Sites/example.com and it’ll output your password
  • Use the -c flag to have it copy your password to your clipboard for 45s
  • Running pass with no args will list a tree view of all of your entries
  • Add or overwrite existing passwords with pass insert Licenses/sometool
  • Add multi-line entries with pass insert -m API/pypi
    • This is handy to save multiple values or even a whole config file together
    • If you retrieve a multi-line entry with -c it copies the first line to your clipboard
  • Your entries are just GPG encrypted files sitting on your file system
    • You can organize them however you see fit with custom directories and files
    • It’s fully offline but since it’s text you can sync them if you want
    • It has shell completions to make it easy to tab complete existing entries
    • It supports using git out of the box but this is optional
  • Add a new entry with an auto-generated password with pass generate Sites/mysite.com

It piggy backs off using your GPG key to encrypt everything. If you don’t have your own GPG key I suggest creating one. I have a post about that here.

pass supports multiple flavors of Linux, WSL 2, macOS and more. It has a few browser extensions and other integrations although personally I stick with using the vanilla command line version exclusively.

Here’s a demo video going over how to install and use it:

# Demo Video

Timestamps

  • 0:00 – Intro
  • 0:50 – A drive-by of pass’ features
  • 4:17 – Downloading pass and its optional extensions / clients
  • 5:03 – Setting a custom directory only for this video
  • 6:24 – Initialize pass
  • 7:55 – Inserting and overwriting a new entry
  • 9:37 – Removing entries
  • 9:50 – Multi-line inserts
  • 11:13 – Generating random passwords
  • 13:52 – Skimming the man pages and searching, moving, copying, etc. entries
  • 17:45 – Watch me fail to use the git feature for the first time

Commands

# I only ran this to avoid overwriting my existing pass directory.
export PASSWORD_STORE_DIR=/tmp/passdemo

# Use your gpg-id, you can check with: gpg --list-keys
pass init nick.janetakis@gmail.com

pass
pass ls

pass insert Sites/example.com

pass Sites/example.com
pass -c Sites/example.com

pass rm Sites/example.com

pass insert -m API/pypi
pass edit API/pypi

pass generate Sites/anothersite.org
pass generate -c Sites/anothersite123.org

pass search Sites
pass find pypi

pass mv API/pypi Sites/pypi
pass cp Sites/pypi Sites/another-pypi

pass git init

Are you going to use this terminal based password manager? Let us know!

Never Miss a Tip, Trick or Tutorial

Like you, I'm super protective of my inbox, so don't worry about getting spammed. You can expect a few emails per year (at most), and you can 1-click unsubscribe at any time. See what else you'll get too.

Comments