The below should work on Linux of all flavors and on MacOS. It could also work on Windows with the Ubuntu Linux subsystem.
First create a text file to store your passwords
in. Let's call it
myfile.txt (you want to give
it an inconspicous name). Enter some passwords (or just some
sample text). Next, we are going to encrypt the file
openssl. In a terminal, enter the
It will prompt you twice for a password. Make sure to pick a strong password that you can remember (see here for some guidance). You now have an encrypted file and you should delete the unencrypted text file.
$ openssl enc -aes-256-cbc -salt -in myfile.txt -out myfile.txt.enc
For decrypting, use
You'll of course be prompted for your password. In the above, we've used the
$ openssl enc -aes-256-cbc -d -in myfile.txt.enc -out myfile.txt
aes-256-cbccypher, which is a symmetric encryption cypher used by the US government for top secret information. The
-saltoption in the encryption command is important, because it strengthens the encryption when the key is derived from a password (as in our case).
Don't forget to securely delete your plain text password
file whenever you are done using it. Just deleting the
file usually will keep information recoverable. On
Linux/MacOS, you can use
gshred on some systems) to overwrite a file with random
information. You can then just delete it with