These days, we need to sign up on multiple websites, including banking and financial websites, email providers, domain name registrars, newspaper sites and many more. A few of the non-important ones can get by with a common password. But you cannot risk using the same one on critical websites.

The critical websites have funny rules about password strength. Keeping them all in mind can become difficult. Many prefer to use one of the commercially available password managers.

xkcd password strength

Sadly, I have trust issues, especially when it comes to storing my banking and financial website passwords with them.

A few weeks back, I thought, what if I store my passwords in encrypted plain text files? I would be sure that it would not be easy for anybody to retrieve details from there, and I am sure that my passwords won’t travel to any unknown servers.

The banks I bank with require me to change my password periodically. They don’t allow me to reuse the last 3 or 4 passwords I have used with them. This is a real pain. How many times can you get creative enough to come up with a password that you can remember and that is cryptic enough that nobody can play the guessing game!

I was browsing the DuckDuckGo “Goodies” page and discovered they have a random password generator built in. Now I can use DuckDuckGo to generate my random passwords!

DDG Goodies

The only weak link in the entire chain is that I still need to remember my GPG password to decrypt those plain text files. Now, until somebody comes up behind me with a wrench, all is safe, secured & randomised!

XKCD security

A short guide to store passwords in encrypted plain text files

Install GPG2 on your computer and run

$ gpg2 --gen-key

Follow the on-screen instructions. It is always a good idea to publish your public key, so that anybody who wants to send you encrypted data can.

$ gpg2 --send-keys PUB_KEY_ID

Next, create a plain text file and store your data in any format or way you want to. I generally store it in CSV format, something similar to:

website,login,password

Let us save this file, say, as passwords.txt. Next, run

$ gpg2 -e passwords.txt

This will generate a passwords.txt.gpg file. Delete your passwords.txt file and store the passwords.txt.gpg file somewhere secure, but accessible!

Now, whenever you need to log in, run

$ gpg2 -d passwords.txt.gpg 2>&1 | grep website

This will print the matching line, including the password, to the terminal, which you can copy & paste. If you are good with writing shell scripts, you can automate this so that the password is copied directly to your clipboard.
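
One way to script the clipboard step, as an added example that is not part of the original post. It goes a little beyond the grep one-liner: it matches the website column exactly, copies only the password field, and overwrites the clipboard after 30 seconds. The function names, the PASSWORD_STORE variable, the 30-second delay and the list of clipboard tools are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post).

# Read "website,login,password" rows on stdin; print the password of the
# row whose first field equals $1 exactly. Everything after the second
# comma is the password, so it may contain commas itself.
# Exit status: 0 = one match, 1 = no match, 2 = several matching rows.
lookup_password() {
    LOOKUP_SITE="$1" awk -F, '
        $1 == ENVIRON["LOOKUP_SITE"] {
            n++; pw = substr($0, length($1) + length($2) + 3)
        }
        END {
            if (n == 1) { print pw; exit 0 }
            exit (n == 0 ? 1 : 2)
        }'
}

# Print the first clipboard command available (assumed candidates:
# wl-copy, xclip, pbcopy); fail if none is installed.
clipboard_cmd() {
    if command -v wl-copy >/dev/null 2>&1; then echo "wl-copy"
    elif command -v xclip >/dev/null 2>&1; then echo "xclip -selection clipboard"
    elif command -v pbcopy >/dev/null 2>&1; then echo "pbcopy"
    else return 1
    fi
}

# Decrypt the store, copy one password, overwrite the clipboard after 30 s.
# The decrypted text only passes through pipes, never the terminal or disk.
pw_copy() {
    store="${PASSWORD_STORE:-passwords.txt.gpg}"  # PASSWORD_STORE: assumed name
    clip=$(clipboard_cmd) || { echo "no clipboard tool found" >&2; return 1; }
    pw=$(gpg2 --quiet --decrypt "$store" | lookup_password "$1") ||
        { echo "no unique entry for $1" >&2; return 1; }
    printf '%s' "$pw" | $clip
    unset pw
    ( sleep 30; printf '' | $clip ) >/dev/null 2>&1 &
    echo "password for $1 copied; clipboard is overwritten in 30 s" >&2
}

# Run only when a website name is given: ./pwcopy.sh bank.example
if [ "$#" -gt 0 ]; then pw_copy "$1"; fi
```

Because the lookup compares the whole first column, a search for one site cannot match a row where the same text only appears inside a login or password, which the plain grep would also print.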