Password store using GPG

2009-05-29T06:30:46Z
Dave Pawson.

Until xmlgrrl starts to win with OpenID, we are faced with remembering, or trying to remember, a long list of passwords and user names. I gave up long ago and resorted to a neat and very simple system that I found on the web. I didn't make a note of its source, so to the author, I apologise. If you recognise it, please let me know and I'll attribute you.

Usage? Simple. I type in

>mypass keyword

And I get back the remainder of a line in a GPG-protected file telling me all about the keyword. If the keyword is mybank, and the remainder of the line is my username and password, together with the URL of the bank's online services, then I have the information I need.

The idea is simple. GPG and UnxUtils from SourceForge provide a combination that helps Windows climb towards the scripting capabilities of Linux. GPG is available for Windows, and the only utility you need from SourceForge is grep if you want to minimise the install. As of May 09, GPG is at 1.4.9 on Windows and Linux, though 2.0 is around.

Scripts:

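#!/bin/bash
# Look up a keyword in the GPG-encrypted password file.
PWFILE=/dir/dir/file.gpg
# Print usage and stop if no keyword was given
[ $# -eq 0 ] && { echo "usage: mypass keyword" >&2; exit 1; }
# Show the command being run (quoted, so the pipe is printed rather than executed)
echo "gpg -d $PWFILE | /bin/grep -i $*"
# Decrypt to stdout and print only the lines that match the keyword
gpg -d "$PWFILE" | /bin/grep -i "$@"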

Assuming you have your path set up appropriately, that will run it on Linux and

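@echo off
rem Look up a keyword in the GPG-encrypted password file.
set PWFILE=c:\dir\dir\file.gpg
rem Show the command being run (^| prints the pipe instead of executing it)
echo gpg -d %PWFILE% ^| grep -i %*
rem Decrypt to stdout and print only the matching lines
gpg -d "%PWFILE%" | grep -i %*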

That hacks it on Windows... nearly

On either system you first need to create the encrypted file using GPG. Create a plain text file, say pwords.txt. To make it easy to find content, I always have the first word on the line as something that is memorable: the name of the bank or the brief name of the website. Always use lower case if you are as lazy as me, simply to help grep find the word! So a line might appear as

sourceforge http://sourceforge.net myusername mypassword

Then I can search on the word sourceforge and it will print out, on the terminal, the remainder of the line. So, to create the file in the first place, and to re-create it once you have updated it with new information, use

>gpg -c -o file.gpg file.txt

This creates file.gpg (you choose a sensible name) by encrypting the content of the file.txt that you created. Now delete file.txt, and any backups your editor may have created! I have script files for this, since I neither want to delete the encrypted file nor leave the text versions on the disk.

When the file is created you'll be prompted for a password. Choose a complex one. It is the only one you'll have to remember now, so make it usable and secure: alphanumeric and a dozen characters or so long.
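The lookup and the edit-then-re-encrypt cycle described above, as an added example (not the author's scripts, which the page does not show). The lookup matches only the first word on the line, and the edit helper keeps the plaintext in a private temporary directory that is removed on exit along with any editor backups. The PWFILE default, the pwords.txt temp name and the function names are assumptions.

```shell
#!/bin/bash
# Added example, not the author's scripts. PWFILE default and names are assumptions.
PWFILE="${PWFILE:-$HOME/pwords.gpg}"

# Read decrypted lines on stdin; print the remainder of each line whose FIRST
# word equals the keyword (case-insensitive, literal comparison, no regex).
# The keyword is passed via the environment so awk does not interpret escapes.
match_keyword() {
    KW="$1" awk '
        tolower($1) == tolower(ENVIRON["KW"]) {
            sub(/^[ \t]*[^ \t]+[ \t]*/, "")   # drop the keyword itself
            print
            found = 1
        }
        END { exit !found }                    # status 1 when nothing matched
    '
}

# mypass keyword: decrypt into a pipe only, so the lookup writes no plaintext file.
mypass() {
    [ $# -eq 1 ] || { echo "usage: mypass keyword" >&2; return 2; }
    gpg -d "$PWFILE" | match_keyword "$1"
}

# Edit the store. Runs in a subshell so the umask and trap stay local.
# The plaintext exists only inside a mode-700 temp directory, which is removed
# on exit together with any backup or swap files the editor left beside it.
edit_store() (
    umask 077
    tmpdir=$(mktemp -d) || exit 1
    trap 'rm -rf "$tmpdir"' EXIT
    if [ -f "$PWFILE" ]; then
        gpg -o "$tmpdir/pwords.txt" -d "$PWFILE" || exit 1
    fi
    "${EDITOR:-vi}" "$tmpdir/pwords.txt" || exit 1
    # Encrypt to a new file first so a failed run never destroys the old store
    gpg -c -o "$tmpdir/new.gpg" "$tmpdir/pwords.txt" || exit 1
    mv "$tmpdir/new.gpg" "$PWFILE"
)
```

Plain rm does not overwrite the data on disk; pointing TMPDIR at a RAM-backed filesystem before calling edit_store keeps the plaintext off the disk entirely.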

That's it. Simple, and effective. If it's important, back it up.

Keywords: gpg
