Fetches file usernames or passwords, presents them in prompt and then copies the selected entry to killring
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.



Espy - Emacs Simple Password Yielder

To espy is to see something at a distance which is what this package is about. This package allows users to fetch a password or a username from a file without visiting it.

This package is kept deliberately short to allow for easy manual checks as to minimize the “hijacked account” attack vector and should ideally be stored without automatic updates.

Username prompt

Espy username prompt of same file

Password prompt

Espy password prompt of same file

Raw password file

Raw password file

This solution compared to other password solutions (pass, keepass, etc)

  • No dependencies (if you want to encrypt your password file you need a encrypter. GPG works best for emacs because of epa)
  • Supports use of any or no file encrypters (anything other than GPG or no encrypter might not work out of the box with espy, but could probably be added easily)
  • A decrypted password file can be opened and edited using any text editor (difficult to do in keepass)
  • Easily change format of password file to fit your favorite major mode.
  • Org mode support (not possible in keepass)
  • Support for both symmetric encryption (not supported by pass) and asymmetric encryption (not officially supported by keepass) when encrypting with GPG
  • When accessing password file in emacs all emacs related security problems are present (e.g every package has full access to everything in emacs), same as with every other emacs password manager


(require 'espy)


First select the directory of your password file by changing espy-password-file e.g.

(setq espy-password-file "~/my-passwords.org.gpg")

Then type M-x espy-get-user or M-x espy-get-pass to select which username or password you want to copy to the killring.

Keep in mind that the username or password will stay in the killring even after being pasted, to fix this you could bind (progn (pop kill-ring) (message "Top killring entry cleared")) which removes the top entry in the killring or setup a timer that removes the last entry in the killring.


The prefixes M-x espy-user and M-x espy-pass uses do detect usernames and passwords and headings can be modified by changing espy-header-prefix espy-user-prefix and espy-pass-prefix. By default it expects org headings (“*”) followed by a username (“user: “) and a password (“pass: “).