diff --git a/bin/pw b/bin/pw
new file mode 100755
index 0000000..815162d
--- /dev/null
+++ b/bin/pw
@@ -0,0 +1,39 @@
+#!/bin/bash
+set -euo pipefail
+
+purge=0
+ttl=${PW_TTL:-259200}
+
+usage() { echo "Usage: $0 [-t SECONDS] [-f]" 1>&2; exit 1; }
+
+while getopts ":ft:" o; do
+  case "${o}" in
+    f)
+      purge=1
+      ;;
+    t)
+      ttl=${OPTARG}
+      ;;
+    *)
+      usage
+      ;;
+  esac
+done
+shift $((OPTIND-1))
+
+var="$1"
+shift
+
+if [ -z "${var}" ]; then
+    usage
+fi
+
+key="pw.${var}"
+if [ "${purge}" == "1" ]; then
+  keyctl purge user "${key}" >>/dev/null 2>&1 || true
+fi
+out=$(systemd-ask-password --accept-cached --keyname="${key}" "${var}:")
+key_id=$(keyctl request user "${key}" 2>/dev/null)
+keyctl timeout "$key_id" "$ttl"
+printf "%s" "$out"
+
diff --git a/bin/pwenv b/bin/pwenv
deleted file mode 100755
index 2418d89..0000000
--- a/bin/pwenv
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/bash
-set -eu
-
-purge=0
-ttl=259200
-
-usage() { echo "Usage: $0 [-t SECONDS] [-f]" 1>&2; exit 1; }
-
-while getopts ":ft:" o; do
-  case "${o}" in
-    f)
-      purge=1
-      ;;
-    t)
-      ttl=${OPTARG}
-      ;;
-    *)
-      usage
-      ;;
-  esac
-done
-shift $((OPTIND-1))
-
-var="$1"
-shift
-
-if [ -z "${var}" ]; then
-    usage
-fi
-
-function get_password() {
-  key="pwenv.${var}"
-  if [ "${purge}" == "1" ]; then
-    keyctl purge user ${key} 2>&1 >>/dev/null || true
-  fi
-  out=$(systemd-ask-password --accept-cached --keyname="${key}" "${var}:")
-  key_id=$(keyctl request user ${key} 2>/dev/null)
-  keyctl timeout $key_id $ttl
-  echo $out
-}
-
-exec env ${var}=$(get_password) "$@"