Simple password manager based on the 7-Zip program
pwmgr.py manages an encrypted .7z archive containing a text file. Passwords are stored in and retrieved from this file. A master password must be entered to access the archive.
- 7-Zip Command Line Version
- python3 (3.6+)
- xclip (for X selection use)
- Place
pwmgr.pyand the emptypvaultdirectory in the same directory. - (Optional): Create a bash alias such as
pwmgr="python full_path_to_pwmgr.py"to easily invoke the script from any bash shell withpwmgr...(otherwise replacepwmgrwithpython full_path_to_pwmgr.pyin the following code). - Create a new 'user' with
pwmgr -n username. This invokes the 7-Zip executable to create a.7zarchive calledusernamein thepvaultdirectory. You will be prompted to enter a password for the archive, which acts as the master password for the manager. A default configuration file is also created (Configuration). - For those wishing to transfer passwords from another manager or listing, see Manually creating an archive.
Add or update a password for an application with the -u switch:
pwmgr -u application_name
A prompt will be given to enter the new password (just hit enter to have a password generated and copied to the clipboard).
To retrieve a password for an application, just use the application's name as an argument:
pwmgr application_name
By default, the first password found for that application will be copied to the clipboard.
Refer to pwmgr --help for further options and usage notes.
During set-up, there are two main settings in pwmgr_config that you may wish to change. The format for each line of this file is setting_name setting_value (whitespace delimited).
7z_application(Default:7z). This is the name of the 7-Zip executable on your system, typically7z. The path to the executable may also be used if it is not on your path (e.g./usr/bin/7z).pvault_dir(Default:pvault). If you wish to place thepvaultdirectory anywhere other than alongsidepwmgr.py, or use a different directory name, change this to the absolute path to the directory.
For a description of all available settings, view pwmgr --help.
pwmgr works by writing passwords to a text file called passes stored within the encrypted archive. Similar to the configuration file, the format of each line passes is a pair of fields separated by whitespace, this time describing an application's name and the associated password:
application_name application_password
The line is split on the first whitespace, so application_name cannot contain spaces.
In order to create an archive that can be used by pwmgr containing existing password, simply create a file called passes with this syntax and add it to a password protected .7z archive using the 7-Zip program using, for example,
7z a archive_name. passes -parchive_password -mhe
(the period trailing archive_name prevents 7z from appending the .7z extension which you may or may not want).
This archive must be placed in the pvault directory (or whichever directory is specified in pwmgr_config).
In order to get pwmgr to point to your new archive, use
pwmgr -sa archive_name
Equivalently, change the value the archive_name setting in pwmgr_config.
- Option to use xsel instead of xclip
- Windows port using the pyclip python package
- Option to include punctuation in generated passwords
- Ability to remove password entries
This program was written for fun. I cannot advise using it to store passwords for accounts other than those that are absolutely expendable. In particular, please do not rely on the password generator tool included with the script to create a secure password (its randomness is only as good as your system's os.urandom() implementation).
- Migrated from a private repository
- Option to generate passwords on update
- Abililty to switch archive (
-sa) and create a new archive (-n)