Once I was happy with Password Safe, but I wanted something even simpler.
Here is my solution I use daily. You only have to memorize your master password. The following script can be publically available to anyone. Run it, enter master password and your generated password is pushed to clipboard(s).
#!/usr/bin/env bash read -p "Enter the master password: " MASTER ACCOUNT=dennis.yurichev HOST=gmail.com # To be incremented if you have to change this password # For example, if compromised: SALT=1 # Dashes here are only for readability. May be omitted. TO_BE_HASHED=$MASTER-$ACCOUNT-$HOST-$SALT echo To be hashed: $TO_BE_HASHED # https://superuser.com/questions/601894/how-to-get-sha1sum-to-output-binary # md5sum is OK, even since it's broken # sha1sum as well, but will make the resulting password longer # other alternatives: sha224sum, sha256sum, sha384sum. # Warning: sha512sum may have multiline output # tr used to remove trailing '=' characters - they don't add any security PW=$(echo $TO_BE_HASHED | md5sum | xxd -r -p | base64 | tr -d '=') echo $PW # Copy generated password to both XWindows clipboards: echo -ne $PW | xsel -i -p echo -ne $PW | xsel -i -b echo Password is copied to both clipboard
They only problem is that master password leak will reveal all other passwords for your accounts.
Some aditional tinkering may shorten the length of password without loss of security It may be a good idea, because there are always online services that don't allow too long passwords, or truncate them silently. See: Uuencoding, Ascii85.
This is to be fixed in my next blog post.
Yes, I know about these lousy Disqus ads. Please use adblocker. I would consider to subscribe to 'pro' version of Disqus if the signal/noise ratio in comments would be good enough.