pwsafe is in the Debian/Ubuntu repositories and I assume should be in most of the major Linux distributions. If you can't find it for your distro, you can get it here.
Once installed, you will need to create a new database.
$ pwsafe --createdb
You be asked to create a password for this database, make sure it is unique, secure and don't forget it.
Once that is done you're ready to add an entry.
$ pwsafe -a name
This will initiate the following:
Enter passphrase for /home/jared/.pwsafe.dat:
group []: Web
username: xxxxxxxxx
password [return for random]:
password again:
notes: access to jaredandcoralee.com ftp and panel
This is pretty straight forward. You are asked for your passphrase (the one
created when you first set up your database) and then a group name. This is a
nice feature to catagorize your passwords. I have a group for Finance, Websites,
Work, etc. You can then search or list information just for those groups. Next you will enter a username, password (twice) and notes. The notes is nice for security questions you may be asked on bank sites for authentication where you can never remember the answer.
To view a list of entries with in a group.
$ pwsafe -l groupname
You will be prompted for your passphrase. The groupname is optional, but helps cut down on the output. This will just print out group, name and your notes. No passwords will be displayed.
To view your passwords,
$ pwsafe -upE name
Again you will be prompted for your passphrase and your username and password will be displayed. There's a lot more you can do with pwsafe. See the man page for more info.
Enjoy.
2 comments:
I've been using KeePassX for the same purpose. Its killer feature is automatic generation of passwords, matching certain criteria. On the other hand, --mergedb sounds much better than the hand-merging I have occasionally done.
I've always been leery of these types of programs because they really change the way the game works.
If I were to compromise your computer, and realize you are running a password keeping program, I'd only have to find 1 more password ever. Then I would have all your passwords and full knowledge of where they work, and as you noted with your notes I would be able to know the extra questions that are going to be asked etc.
I see these as a security risk, just my thoughts.
Post a Comment