Table of Contents
Passwords
Passwords are really the weak point in many instances, people are poor at remembering passwords that are hard to crack. XKCD exemplifies this…
A sensible solution is to use a password manager, a piece of software the generates long, random passwords and encrypts them using OpenPGP (or a variant thereof) so that you only need to remember your gnupg password to access all of your passwords. Several options exist such as the GUI orientated KeePass, but being CLI orientated I opted for the simpler pass which rather handily has an Android Application.
Installation
GNU/Linux
Gentoo
- snippet.bash
emerge -av app-admin/pass app-crypt/gpg www-plugins/browserpass
Arch
- snippet.bash
pacman -Syu pass gpg browserpass-firefox
Android
Install the password and OpenKeychain applications from the F-Droid Store (or from Google Play if you have not enabled installation of applications from outside of there).
Firefox
Two options
Chrome
Install browserpass
Opera
You can install Chrome plugins under Opera so it is possible to install browserpass after you have installed the install-chrome-extensions add-on.
Browserpass
To use browserpass-extension you need to have the browserpass-native installed as it provides the interface between the browser extensions and pass
on your system.
- snippet.bash
# Gentoo emerge -av www-plugins/browserpass # Arch pacman -Syu browserpass
If you are using Arch Linux then all you need to do is install browerpass-firefox
(or browserpass-chromium
)
- snippet.bash
pacman -Syu browserpass-firefox
Other systems you have some work to do, I use Gentoo and the instructions for configuring your browser didn't make sense since the listed files after installing the www-plugins/browserpass
package didn't include any Makefile
against which make
could be run, far less under the noted /usr/lib/browserpass/
directory. What it does show though is that JSON files are installed for Mozilla, Chromium and Chrome and a binary at /usr/libexec/browserpass-native
…
- snippet.bash
# equery f browserpass * Searching for browserpass ... * Contents of www-plugins/browserpass-3.0.10: /etc /etc/chromium /etc/chromium/native-messaging-hosts /etc/chromium/native-messaging-hosts/com.github.browserpass.native.json /etc/opt /etc/opt/chrome /etc/opt/chrome/native-messaging-hosts /etc/opt/chrome/native-messaging-hosts/com.github.browserpass.native.json /usr /usr/lib /usr/lib/mozilla /usr/lib/mozilla/native-messaging-hosts /usr/lib/mozilla/native-messaging-hosts/com.github.browserpass.native.json /usr/lib64 /usr/lib64/mozilla /usr/lib64/mozilla/native-messaging-hosts /usr/lib64/mozilla/native-messaging-hosts/com.github.browserpass.native.json /usr/libexec /usr/libexec/browserpass-native
…which is encouraging as it looks like its configured out of the box for some of the browsers it supports. I have Chromium (bin) installed and whilst I don't use it I do use Opera and installed the browserpass-extension and it “Just Works(TM)”.
Updating GPG Key
This is, purportedly, pretty straight-forward, you simply re-initialise pass
with the gpg-id you wish to use, it will renecrypt all existing passwords that are not currently encrypted with that key for you…
- snippet.bash
pass init [ --path=sub-folder, -p sub-folder ] new-gpg-id