Bio

A Visual Storyteller

I've been so passionate about tech, even since my high school days even when I didn't know the right path to follow. I developed this real love for cyber security not because its the course I'm studying in the university; its just about real passion. I started my cyber security journey fully with women techsters fellowship, an initiative of tech4dev.

Home: About

About Me

My Story

I have had the great fortune of working on some truly inspiring projects while networking with many influential and creative individuals along the way. I believe in the power of working together to create a whole that is greater than the sum of its parts. For more information about my career experience, past projects, and current work portfolio, get in touch today.

Home: About

SecPasss Manager

My Work Showcase

SecPass is a simple password management tool that utilizes the linux pass command tool to store passwords inside gpg encrypted files inside a directory residing at ~/.password-store.

The pass utility uses a series of commands to store passwords, add or delete, edit, generate, synchronze and manipulate passwords securely. In this digital age and being tech women, we use our devices for various activities and we need to keep our eye on security. That is storing strong passwords, and files in safe locations. Fortunately, for every usage there are tools and thus as a group we created the SecPass as a training project, in hopes of learning how commercial tools like LastPass and Keepass work without putting our data at risk or spending limited resources.

Benefits of SecPass

pass is open source and thus a user can update the application, and the linux community is always identifying bugs and coming up with extensions making more desirable than other applicayions.
One needs not to make any purchase as the pass command in a linux command tool.
The password.store can remain in your system only, or you can sync it with a private git repository.
It is encrypted with GnuPG to a level of your choosing
The pass command is well documented in the man page thus simple to use and debug.
It is a command line based application but there are GUI extensions available.

Technologies used

Project is created with:

A linux distribution Operating System
A laptop that runs BSD, MacOS Xor any UNIX-derivatives
Workflow tools:
1. pass -provides the centre for the password store and the access to it.
2. GnuPG - offers the tools for encrypting the password store
3. dmenu - it lists the available passwords
4. git - a version control system for software projects which allows access from different locations and restoring old versions.

Setup

Initializing the password store pass init "sally.mukami@womentechsters.org"
creating and generating GPG keys gpg --full-generate-key *GnuPG will create a user ID* Real name: email address Comment
List your keys and take note of the secret key ID gpg --list-secret-keys --keyid-format LONG sec 4096R/ANHGFGRFGRBMGNKLDFOGFIDGYURFYRGRGMJNJJ 2021-06-26 uid Sally k <sajhgyd@womentechsers.com>
with the ID now initiate the pass datastore pass init 'uid'
You can now Generate and fetch passwords from RSA4096-ENCRYPTED password store.

Workflow

Enter passwords

pass insert socialmedia/somebody@techsters.com/LinkedIn pass insert socialmedia/somebody@techsters.com/LinkedIn < password.txt Here socialmedia is the directory that holds all the social media accounts and LinkeIn is the name of the account

Retrieving passwords

pass socialmedia/somebody@techsters.com/LinkedIn Writes the password to stdout

` ` ` pass -c socialmedia/somebody@techsters.com/LinkedIn ` ` ` Writes the retrieved password to the clipboard for 45 seconds