Main Contents

Password Store

June 6, 2008

Two facts lead me to write this little script this evening. The first is that my memory is terrible and the second is that in two weeks time I start a new job involving Perl and this was a great opportunity to get a bit of practice in.

Password Store is a simple script that stores passwords in an AES encrypted file, with an interface to add and remove passwords and list the saved passwords. Passwords are stored with a name so you can identify which one goes with which service. To prevent displaying a stored password in plaintext in the console, the script also allows you to guess at what the password is and it will tell you if you got the right one.

Being something I quickly threw together in an evening I’m not going to claim this is completely secure. Anyone with access to your user account or root on the box in question will be able to watch the interpreters memory and see the passwords in plaintext. It should however provide a simple means to store passwords on your own machine even if someone else gains physical access to the disk.

Examples:

Set up a new Password Store (you will be prompted for a master password):

$ passwords
New Master Password: ******
Confirm Password: ******

Listing all passwords in the Password Store (in plaintext!):

$ passwords –list
Master Password ******
== All Passwords ==
Test: 1337p@55w0rd

Adding a new password to the store:

$ passwords –set –id="My New Password"
Master Password: ******
New Password: *********

Removing a password from the store

$ passwords –remove –id="My New Password"
Master Password: ******

Changing the master password:

$ passwords –master
Master Password: ******
New Master Password: ******
Confirm Password: ******

Checking a guess against the password store (if you don’t want to see the password echoed in plaintext to your terminal):

$ passwords –check –id="My New Password"
Master Password: ******
Check against: ******
Passwords match

You can download Password Store 0.1. It will depend on the following things:

  • Unix/Linux (haven’t tested Mac OS X)
  • aespipe
  • The following Perl modules (which will probably already be installed on your system)
    • Getopt::Long
    • IO::Prompt
    • Digest::MD5

Just as a side note, the password input prompt is very naive and doesn’t handle backspaces. If you make a mistake, quit the application with ctrl+C and re-run it.

Filed under: development |

Leave a comment

« Perlbak