pwm stores passwords in an encrypted file on disk and provides a simple interface for retrieving or updating them.
usage: pwm [-d | -C | -u <name> [<meta>...] | -r name | <pattern>
options:
-C change master password on existing store
-d dump all passwords to stderr
-l linger for passwordless queries in future invocations
-u create/update password with <name> and optional <meta> data
-r remove password with <name>
The first time pwm is run in update mode, it will initialize a new encrypted file for storage and you will be prompted to set a passphrase.
The default location of the store is ${HOME}/.pwmstore but can be overridden in the environment by setting PWM_STORE.
The linger feature causes pwm to fork into the background after a query is executed; this background instance holds the master key in memory for a limited time. Subsequent pwm invocations can ask the lingering pwm for the key without prompting the user for the master passphrase. Passwordless access to the password store is a potential security risk, so this feature is disabled by default. Linger can also be enabled by setting an environment variable, e.g., PWM_LINGER=10800.
Running pwm on multiple machines with copies of the same store can create consistency problems, so you can force pwm to be read-only by setting PWM_READONLY=1.
pwm generates random passwords for you when you add or update an entry; it does not allow you to store existing passwords.
OpenBSD and Linux.
Add hotmail to password store:
$ pwm -u hotmail [email protected]
passphrase:
hotmail: [email protected]
1NJsP$waF0Z$Wzh
The password is written to stdout while everything else is written to stderr. This enables you to pipe the password to xclip or similar for easy cut-and-paste into password prompts.
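A wrapper built on that stdout/stderr split, as an added example (not part of pwm or its README): it copies one entry to the clipboard without echoing the password and clears the clipboard afterwards. It assumes xclip is installed and that pwm exits non-zero or prints nothing on failure; pwclip, PWM_CLIP_CMD and PWM_CLIP_TTL are hypothetical names of this wrapper, not pwm settings.

```sh
# Added example: copy one pwm entry to the clipboard, then clear it.
# PWM_CLIP_CMD and PWM_CLIP_TTL are hypothetical knobs of this wrapper;
# PWM_READONLY is the pwm setting described in the README.

pwclip() {
    name=$1
    clip=${PWM_CLIP_CMD:-"xclip -selection clipboard"}
    ttl=${PWM_CLIP_TTL:-30}

    [ -n "$name" ] || { echo "usage: pwclip <name>" >&2; return 2; }

    # Only the password arrives on stdout, so the command substitution
    # captures it alone. The passphrase prompt and the "name: meta" line
    # go to stderr and stay visible on the terminal.
    # PWM_READONLY=1 keeps a lookup from modifying the store.
    pw=$(PWM_READONLY=1 pwm "$name") || return 1
    [ -n "$pw" ] || { echo "pwclip: no password returned" >&2; return 1; }

    # printf '%s' avoids copying a trailing newline along with the secret.
    printf '%s' "$pw" | $clip || return 1
    unset pw

    # Overwrite the clipboard with nothing after $ttl seconds. This also
    # discards anything else copied in the meantime.
    ( sleep "$ttl"; printf '' | $clip ) >/dev/null 2>&1 &
}
```

Typical use is `pwclip hotmail`, then pasting into the password prompt before the timeout expires.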
Retrieve password for hotmail:
$ pwm hotmail
passphrase:
hotmail: [email protected]
1NJsP$waF0Z$Wzh
Set a new password for hotmail:
$ pwm -u hotmail
passphrase:
[old] hotmail3: 1NJsP$waF0Z$Wzh
hotmail3:
JhcrXKvUwsTtKA6
The old password is printed to stderr in case it is needed for "old password" fields.
Store a password, username and other info for EvilBank:
$ pwm -u evilbank [email protected] PIN:2041
passphrase:
evilbank: [email protected] PIN:2041
sluDy7kHtAoHErh
You can shorten names (e.g., pwm gm instead of gmail) if the shortened name matches exactly one entry.