The standard unix password manager you never heard of

Recently I switched my work environment from OS X to Ubuntu (a post on that project is in the works).

For years I’ve been using the standard Apple Keychain app, which has several points in its favor: it’s included with the OS, it integrates well with a lot of applications, and is not trying to “freemium” me into a paid tier. However, it’s OS X only, which meant I had to find something new.

I wanted something that was cross-platform, simple, and capable of securely sharing the store across machines. Ideally I wanted it to be open source as well. I did not particularly need a phone app as part of the package.

There are scads of password managers out there, and I got many enthusiastic recommendations, but the best came via my co-worker Matt Simpson:

pass, the standard unix password manager.

The subtitle is somewhat aspirational, but not an unreasonable goal. It’s a tool that does one thing well. It leverages existing, proven software like GPG and Git. Using it on the command line, you feel like it belongs. (Especially if you use shell completion.)

For shared storage, I set up a private Git repo on Bitbucket. I cut one branch for my work data, and another for personal. I installed it on my work (Linux) machine and my personal (OS X) machine both, and may well end up putting it on my FreeBSD VPS too.