Simple Password Storage

There are many programs which offer to securely store your passwords and other sensitive information. Although these are no doubt useful, I don’t really want to bother with funky software or online services which are only probably safe. Instead I’d like to just keep the information in a plain text file which has been encrypted. Using Vim there is a relatively simple way to do this that is secure enough for my purposes.

The only software needed for this is vim (or neovim) and GnuPg. Both these tools are ubiquitous and likely to be found on any linux machine.

We will need to install the vim-gnupg extension to manage the encryption and ensure that our editor doesn’t inadvertently save the plain text to the harddrive. You can either install the plugin directly or use a plugin manager. I like to use the manager vim-plug. After installing vim-plug we can enable the encryption plugin by adding the following lines to the config file (.vimrc)

call plug#begin()

Plug 'jamessan/vim-gnupg'

call plug#end()

and load the plugin by running the following command in (n)vim.

:PlugInstall

GnuPg will by default use public/private key pairs for its encryption. For our purposes here that is actually a bit of a pain. Instead we configure vim-gnupg to use symmetric encryption. This way we only use the password itself in the encryption.

let g:GPGPreferSymmetric = 1

With just these few lines we are ready to rumble. The plugin will automatically kick in for any file ending the the .gpg extension. Whenever we create or edit such a file vim will prompt for a password. Perfect.