This emacs package improves on the user interface for password-store.el (see https://www.passwordstore.org/), adding a friendly transient pop-up.
Here’s what that looks like:
The package adds a bunch of useful features, including:
- A minor mode for editing/inserting password files
- Changes to password files are auto-committed to git
- Easy browsing and viewing of entries
- Inserting multi-line passwords
- Generating passwords with arguments (e.g. length, no-symbols)
- Initializing a new password folder with interactive selection of encryption keys
- Verification: check that your password entries are correctly encrypted
- Showing password QR code inside emacs in text or image format
- Generating QR Codes for fields as well as secrets
- Grep with support for emacs grep mode
I have some plans to support the following in the future:
- otp
- adding files to the password store
On some systems the command-line utility qrencode
is automatically
installed with pass
. If qrencode
is in your path, this will be
detected and used.
If you dont have qrencode
or prefer elisp-native encoding, you can
install qrencode.el instead, and that will be used.
This package is available through MELPA. You can use “package-install” to install it.
After installing, make sure to “require” the package and call “password-store-menu-enable”, which will install the keybinding for password-store-menu, and make sure that your password files will be opened in a special edit mode.
(require 'password-store-menu)
(setopt
;; Optionally set a custom key, default is C-c p
password-store-menu-key "C-c p"
;; Auto commit can be turned off, default is t
password-store-menu-edit-auto-commit t)
;; Binds the key and enables password-store-menu-edit-mode
(password-store-menu-enable)
With use-package it looks like this:
(use-package password-store-menu
:ensure t
:config (password-store-menu-enable)
:custom (password-store-menu-key "C-c p"))
By default, the password-store popup menu will be bound to the key
C-c p
. You can configure this (see above).
The following menu items are available:
Key | Name | Description |
---|---|---|
b | Browse | Open the URL field in a browser and |
c or p | Copy Secret | Copy the secret into the clipboard |
f | Copy Field | Select a field from the entry and copy it |
o | Browse and Copy | Open the URL field in a browser and copy the secret into the clipboard |
v | View | Open entry in view-mode |
q | QR Code | View QR code for secret in an Emacs buffer |
Key | Name | Description |
---|---|---|
D | Delete | Delete password entry |
e | Edit | Edit entry by visiting it |
E | Edit (pass) | Edit entry by calling “pass edit” |
i | Insert | Insert a new password entry (single line: secret only) |
I | Insert multiline | Insert a new entry - open a buffer to create a multiline file |
g | Generate | Generate a new password |
r | Rename | Rename an entry |
Key | Name | Description |
---|---|---|
+ | Init subfolder | Initialize a new subfolder with its own recipients |
d | Dired | Open password store folder with dired |
G | Grep | Search password entries for text patterns |
R | Recipients | Recipient submenu (see below) |
Key | Name | Description |
---|---|---|
V= | Diff | Show VC diff |
Vp | Pull | Pull from VC |
VP | Push | Push to VC |
Your password store contains a file .gpg-id
, which holds a list of
GPG keys to encrypt password entries for. Password-store-menu can help
you edit these recipients with a friendly user interface and will
re-encrypt your password entries for the new recipients.
If you use different tools or more password entries around, it can
happen that an entry is not actually encrypted for the correct list of
recipients in .gpg-id
. Password-store-menu can verify your entries
for you to make sure that everything is encrypted correctly.