Why I Switched to pass — A Terminal-Based Password Manager

I recently moved from using GUI password managers to a terminal-first tool called pass (https://github.com/peff/pass). If you’re a developer or power user who spends most of the day in the terminal, this switch is worth considering. Below I’ll explain why I switched, how I use it, and what I learned — plus a cheat-sheet of the exact commands I run daily.

TL;DR (If you’re skimming)

• pass is simple, Unixy, and integrates into git/GPG workflows.
• You get full control over your password store (plaintext is encrypted with GPG, files are easy to sync).
• Trade-offs: less eye candy and a bit more initial setup than GUI tools.
• Great portfolio blog topic — shows security awareness, dev workflows, and practical trade-offs. And if you’re wondering: yes, I use Linux btw 😉

Quick Setup & Why it Fits a Dev Workflow

pass follows the Unix philosophy: small composable tool, plain-files (encrypted), git-friendly. I can edit credentials in my editor, sync them to a remote repo I control, and script everything. That makes it ideal if you want reproducible, auditable secrets in a dev-centric environment.

Command Cheat Sheet (what I use daily)

# Insert a new entry interactively
pass insert (name)

# Generate a random password for AWS (example — adapt args per your config)
pass generate aws 16    # generates 16-char random password and saves as `aws`

# Find entries by name (matches hierarchical store like github, gmail)
pass find github
pass find gmail

# Edit an entry (opens your $EDITOR)
pass edit github

# Search contents for an email or text pattern
pass grep "aumoza@example.com"
pass grep "email:"

# Show an entry (prints decrypted content to terminal)
pass show github

# Copy the password to clipboard (copies for ~45 seconds then clears)
pass show -c github