Posted on (↻ ).

In this post, I’ll show you the way I manage my passwords with the concept of one unique master password, illustrated in the excellent Yann Esposito’s Password Management.

Table of Contents

Creating Passwords

The Material

encrypt

#!/bin/sh

shasum -a 512 | base64

slice

#!/bin/sh

cut -c $1 | head -n 1

alnum

#!/bin/sh

sed s/[^[:alnum:]]//g

make-password

#!/bin/sh

name=$1
domain=$2
password=$3
length=${4:-10}

printf "$name@$domain:$password" | encrypt | slice 1-$length

Usage

make-password {name} {domain} {password} [length = 10]

Example – Create an account on GitHub:

make-password alexherbo2 github.com my-unique-password
# ODUwMjJmMm

Example – Create an account on a site with restricted characters:

If your password is limited to alphanumeric characters, you can use alnum:

make-password alexherbo2 example.com my-unique-password | alnum
# NWVhNWJkZT

Managing Passwords

The Material

get-password

#!/usr/bin/env ruby

require 'yaml'

data = YAML.load(File.read(File.join(ENV['XDG_CONFIG_HOME'], 'passwords.yml')))

key = ARGV.join(' ')

begin
  puts data[key].last
rescue
  exit 1
end

menu-password

#!/usr/bin/env ruby

require 'yaml'

data = YAML.load(File.read(File.join(ENV['XDG_CONFIG_HOME'], 'passwords.yml')))

key = ARGV.join(' ')

if not key.empty?
  puts data[key].last
else
  puts data.keys.join("\n")
end

make-password

password=${3:-$(get-password master)}

Usage

Add your master password in ~/.config/passwords.yml:

~/.config/passwords.yml

master:
- my-unique-password

Now you can generate new passwords without filling your master password.

Example

make-password alexherbo2 github.com
# ODUwMjJmMm

Add it to your ~/.config/passwords.yml:

~/.config/passwords.yml

alexherbo2@github.com:
- ODUwMjJmMm

You can now get it with:

get-password alexherbo2@github.com

Or the menu command using fzf:

get-password (menu-password | fzf)