There are a raft of tools out there for secure storage of passwords, but they will all come and go, Vim and GnuPG are forever.
Here’s the config:
augroup encrypted au! " First make sure nothing is written to ~/.viminfo while editing " an encrypted file. autocmd BufReadPre,FileReadPre *.gpg set viminfo= " We don't want a swap file, as it writes unencrypted data to disk autocmd BufReadPre,FileReadPre *.gpg set noswapfile " Switch to binary mode to read the encrypted file autocmd BufReadPre,FileReadPre *.gpg set bin autocmd BufReadPre,FileReadPre *.gpg let ch_save = &ch|set ch=2 autocmd BufReadPost,FileReadPost *.gpg '[,']!gpg --decrypt 2> /dev/null " Switch to normal mode for editing autocmd BufReadPost,FileReadPost *.gpg set nobin autocmd BufReadPost,FileReadPost *.gpg let &ch = ch_save|unlet ch_save autocmd BufReadPost,FileReadPost *.gpg execute ":doautocmd BufReadPost " . expand("%:r") " Convert all text to encrypted text before writing autocmd BufWritePre,FileWritePre *.gpg '[,']!gpg --default-recipient-self -ae 2>/dev/null " Undo the encryption so we are back in the normal text, directly " after the file has been written. autocmd BufWritePost,FileWritePost *.gpg u " Fold entries by default autocmd BufReadPre,FileReadPre *.gpg set foldmethod=expr autocmd BufReadPre,FileReadPre *.gpg set foldexpr=getline(v:lnum)=~'^\\s*$'&&getline(v:lnum+1)=~'\\S'?'<1':1 augroup END
Now, open a file, say
super_secret_passwords.gpg and enter your passwords
with a blank line between each set:
My Twitter account malc : s3cr3t My Facebook account malc : s3cr3t My LinkedIn account malc : s3cr3t
When you write the file out, it will be encrypted with your GPG key. When you next open it, you’ll be prompted for your GPG private key passphrase to decrypt the file.
The line folding config will mean all the passwords will be hidden by default
when you open the file, you can reveal the details using
zo (or right arrow /
l) with the cursor over the password title.
I like this system because as long as I have
gpg and my private key available,
I can extract any long lost password from my collection.