[pass] Feature Proposal: Edit Before Save and Commit
jonas at cowboyprogrammer.org
Sun Mar 20 23:03:01 CET 2016
On 03/20/2016 07:20 PM, al wrote:
> A frequent problem I encounter is that I must constantly generate
> passwords for weaker sites (I am new to the list, so let's all crack up
> and suppose banking sites). I use the following command of course.
>> pass generate -c folder/my-crappy-insecure-web-app-du-jour 24
> Only to discover after the fact the vague, and often completely
> unpublished, password requirements are weaker than even advertised.
I found this to be any issue too. This line has never failed me yet though:
pwgen -B -s 20 1
It does not include the `-y` argument (symbols) which is typically what
some stupid sites will prevent you from using.
> I must go through a constant hair-pulling
>> pass git reset --hard HEAD~1
There is a better way. I'll paste a script I use. It generates a
password, and opens an editor for you. The password will be in the
clipboard (middle-mouse button for me) so you can paste into the site
and actually register successfully before saving and committing.
Call it with:
# A simple wrapper for pass edit. Takes one argument, and that is the
# password file to open (which can be new). As a convenience, a new
# password is generated and placed in the clipboard so you can paste
# it with Mouse3.
if [ $# -eq 0 ]; then
echo "No arguments provided"
# Borrowing from pass
# This base64 business is because bash cannot store binary data in a
# shell variable. Specifically, it cannot store nulls nor
# (non-trivally) store trailing new lines.
local sleep_argv0="password store sleep on display $DISPLAY"
pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | base64)"
echo -n "$1" | xclip -selection "$X_SELECTION" || \
die "Error: Could not copy data to the clipboard"
( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
now="$(xclip -o -selection "$X_SELECTION" | base64)"
[[ $now != $(echo -n "$1" | base64) ]] && before="$now"
# It might be nice to programmatically check to see if klipper
# exists, as well as checking for other common clipboard
# managers. But for now, this works fine -- if qdbus isn't there
# or if klipper isn't running, this essentially becomes a no-op.
# Clipboard managers frequently write their history out in
# plaintext, so we axe it here:
qdbus org.kde.klipper \
/klipper org.kde.klipper.klipper.clearClipboardHistory \
echo "$before" | base64 -d | xclip -selection "$X_SELECTION"
) 2>/dev/null & disown
#echo "Copied $2 to clipboard. Will clear in $CLIP_TIME seconds."
# -B - don't use ambiguious characters
# -s - added randomness
# 20 chars long
# 1 output only
pw=$(pwgen -B -s 20 1)
# Copy password to clipboard
# Open editor, paste password with Mouse3
pass edit "$1"
More information about the Password-Store