How to Use Pass Which Is a Command Line Password Manager
I use it multiple times a day and it never fails me. If you're looking for a secure offline password manager, look no further.
Quick Jump: Demo Video
Back in 2016 I wrote a blog post on using pass. Here we are 7+ years later and I’m still happily using it. I use it to manage about 300 different passwords, API licenses, blobs of text (multiple API key pairs, etc.) and other sensitive information.
Here’s a couple of highlights:
- Run commands like
pass Sites/example.comand it’ll output your password
- Use the
-cflag to have it copy your password to your clipboard for 45s
passwith no args will list a tree view of all of your entries
- Add or overwrite existing passwords with
pass insert Licenses/sometool
- Add multi-line entries with
pass insert -m API/pypi
- This is handy to save multiple values or even a whole config file together
- If you retrieve a multi-line entry with
-cit copies the first line to your clipboard
- Your entries are just GPG encrypted files sitting on your file system
- You can organize them however you see fit with custom directories and files
- It’s fully offline but since it’s text you can sync them if you want
- It has shell completions to make it easy to tab complete existing entries
- It supports using git out of the box but this is optional
- Add a new entry with an auto-generated password with
pass generate Sites/mysite.com
It piggy backs off using your GPG key to encrypt everything. If you don’t have your own GPG key I suggest creating one. I have a post about that here.
pass supports multiple flavors of Linux, WSL 2, macOS and more. It has a few browser extensions and other integrations although personally I stick with using the vanilla command line version exclusively.
Here’s a demo video going over how to install and use it:
- 0:00 – Intro
- 0:50 – A drive-by of pass’ features
- 4:17 – Downloading pass and its optional extensions / clients
- 5:03 – Setting a custom directory only for this video
- 6:24 – Initialize pass
- 7:55 – Inserting and overwriting a new entry
- 9:37 – Removing entries
- 9:50 – Multi-line inserts
- 11:13 – Generating random passwords
- 13:52 – Skimming the man pages and searching, moving, copying, etc. entries
- 17:45 – Watch me fail to use the git feature for the first time
# I only ran this to avoid overwriting my existing pass directory. export PASSWORD_STORE_DIR=/tmp/passdemo # Use your gpg-id, you can check with: gpg --list-keys pass init firstname.lastname@example.org pass pass ls pass insert Sites/example.com pass Sites/example.com pass -c Sites/example.com pass rm Sites/example.com pass insert -m API/pypi pass edit API/pypi pass generate Sites/anothersite.org pass generate -c Sites/anothersite123.org pass search Sites pass find pypi pass mv API/pypi Sites/pypi pass cp Sites/pypi Sites/another-pypi pass git init
Are you going to use this terminal based password manager? Let us know!