Add note about password store

Signed-off-by: Recolic Keghart <root@recolic.net>

README.md

@@ -6,7 +6,7 @@ Use GnuPG to unlock gnome-keyring, which is supported by yubikey and other smart
 
 ## Problem
 
-If you're logging into Linux with yubikey `pam_u2f.so`, gnome will ask you to unlock `login` keyring with your login password. 
+If you're logging into Linux with yubikey `pam_u2f.so`, gnome will ask you to unlock `login` keyring with your login password.
 But why are you using yubikey for login? Because I don't want to type the FUCKING LONG PASSWORD.
 
 Currently the only solution is to set the password of `login` keyring to empty. But it's not secure. (If your harddisk got fucked one day, the hacker can get ALL your password saved by chromium, get everything in your keyring.)
@@ -16,9 +16,11 @@ Currently the only solution is to set the password of `login` keyring to empty.
 I encrypt the `keyring-name : password` pair with GnuPG and save it as `secret-file`. Then on starting gnome, you have yubikey inserted. Then an auto-started script call GnuPG to decrypt the secret file, and pipe use the password to unlock your keyring. GnuPG will ask you to insert yubikey.
 
 ## Dependencies
+
 The project uses libgnome-keyring-dev
 
 ### Ubuntu 20.04
+
 libgnome-keyring-dev is not in the repositories, you have to install it and its dependencies manually:
 
 ```
@@ -41,15 +43,17 @@ sudo pacman -S libgnome-keyring
 
 ## Usage
 
-> I recommend you to **configure Yubikey as GPG smartcard**. The system would just ask you to unlock gnome-keyring with your default GPG software. You may generate a new GPG key for yubikey, or move your existing GPG key into yubikey. Refer to google for these knowledge. 
+> I recommend you to **configure Yubikey as GPG smartcard**. The system would just ask you to unlock gnome-keyring with your default GPG software. You may generate a new GPG key for yubikey, or move your existing GPG key into yubikey. Refer to google for these knowledge.
 
 First, build the project from source.
+
 ```
 git clone https://github.com/recolic/gnome-keyring-yubikey-unlock --recursive
 cd gnome-keyring-yubikey-unlock/src && make && cd ..
 ```
 
 Then, create your secret file.
+
 ```
 gnome-keyring-yubikey-unlock/create_secret_file.sh /path/to/your_secret [Your GnuPG public key]
 # input your keyring:password
@@ -57,6 +61,8 @@ gnome-keyring-yubikey-unlock/create_secret_file.sh /path/to/your_secret [Your Gn
 
 As an example, I need to input `login:My_Very_Long_Login_Password`. (You may use `seahorse` or `tools/list_keyrings.sh` to determine the name of your keyring)
 
+Alternatively, use an already existing entry from your [password store](https://www.passwordstore.org/) (e.g. `/home/user/.password-store/password.gpg`)
+
 Then, add the following command to gnome-autostart. You should know how to auto-run a command after starting gnome.
 
 ```
@@ -81,9 +87,9 @@ run `tools/list_keyrings.sh` to check name of your keyrings. The `login` keyring
 
 - Working on keyring `Login`: GNOME\_KEYRING\_RESULT\_BAD\_ARGUMENTS.
 
-Seahorse sometimes show an incorrect name for "Login" keyring. It's real name is `login` instead of `Login`. You may confirm this by running `tools/list_keyrings.sh`. 
+Seahorse sometimes show an incorrect name for "Login" keyring. It's real name is `login` instead of `Login`. You may confirm this by running `tools/list_keyrings.sh`.
 
-- It's simply not working. How do I debug this program? 
+- It's simply not working. How do I debug this program?
 
 ```
 echo 'login:my_password' | bin/unlock_keyrings --secret-file -
@@ -91,5 +97,4 @@ echo 'login:my_password' | bin/unlock_keyrings --secret-file -
 
 ## TODO
 
-This program is using deprecated `libgnome-keyring-1` instead of `libsecret`, because the author could not understand how to use `libsecret`. There's almost no document about how to use `secret_service_unlock_sync()`. 
-
+This program is using deprecated `libgnome-keyring-1` instead of `libsecret`, because the author could not understand how to use `libsecret`. There's almost no document about how to use `secret_service_unlock_sync()`.