As part of my ongoing process to address my personal technical debt, I have been trying to figure out how to handle my passwords. See, I have not maintained good personal password policies. To help get control of that, I’ve been using LastPass.
Unfortunately, LastPass is not free software. I use closed source software like most other practically-minded people, but I think of it as a risky choice, and as its own form of technical debt. There is something troubling about replacing one form of technical debt with another that I don’t like.
That being said, I am trying to be more practical and less ideological, whenever possible. Good enough is good enough. Better is better. Perfection doesn’t exist. Thus, I think LastPass is a reasonably good way to tackle my password problems.
However, one requirement I have is to be able to export my lastpass passwords. I don’t want to be dependent upon LastPass for my entire online life.
I was able to hack together a nice little script to do this for me. Basically, it:
Prompts the user for LastPass authentication data. Passwords are read via
IO#noechoso your passwords won’t be visible on the console.
Contacts LastPass and downloads the password database. The LastPass ruby gem makes this easy.
Prompts the user for a password to encrypt the downloaded lastpass data with.
Uses the gpg command to create a password-encrypted database.
The code is available on Github. It requires the lastpass gem to be installed, along with gpg.
bash-3.2$ lastpass-backup ~/Dropbox/foo.gpg Lastpass Email: Lastpass Password: Connecting to lastpass GPG Passphrase to encrypt export: You access the export by running: gpg -d /Users/joel/Dropbox/foo.gpg And entering the GPG passphrase you used.
Accessing the database:
bash-3.2$ gpg -d ~/Dropbox/foo.gpg gpg: CAST5 encrypted data gpg: encrypted with 1 passphrase ...