8/2/2023 0 Comments Macpass autocomplete shortcut![]() The combination of mouse and keyboard can make alternative password managers slower. You type ‘’pass -c goo’’ for your Google account, instead of clicking on your password manager, typing password, searching in data base, finding the right entry, copying password or pressing auto complete and closing the database. > * It’s more convenient than a single file password manager. Also you say extract the password without decrypting, you still need to decrypt the password. I still consider leaking metadata a more serious potential for issues, than having to decrypt the whole database. That might sound a con, but in exchange you get the ability to extract a password without decrypting and thus exposing other passwords. I'm using keepassxc, which surprisingly does not get much publicity here on HN. Many password managers allow most of things, so I'm not convinced. Overall it’s very convenient and functional. But this is hypothetical for most of us! Also, some people don’t like metadata (filenames) leakage, though apparently there are solutions for that. For example, if you store your database on a cloud, say, Dropbox, Dropbox could switch your file with file, and you copy and hand over your Google password to Dropbox. * GPG is usually widely available, so you can decrypt a password on another system on which you may not admin rights to install your password manager. * You can encrypt to multiple keys, thus use it similar to LUKS that supports multiple passwords. * It’s secure, because it’s a short bash script that you can check, and delegates encryption to a dedicated well-audited cryptographic tool. This is unparalleled convenience and security! Your password is basically a short PIN with max 3 tries. * It uses GPG which means your secret key can be stored on Yubikey, handled by a dedicated agent. * You can easily program it, eg, write a backup script that grab a password from store. * You don’t need your master password to add a new password (it uses asymmetric encryption). ![]() * It’s more convenient than a single file password manager. ![]() Termux-toast -s "Password remove from clipboard" Termux-toast -s "Password copied to clipboard" Okc-gpg -d ~/.password-store/"$password".gpg 2>/dev/null | head -n 1 | termux-clipboard-set Password_files_csv=$(printf '%s,' sheet -t "Select password" -v "$password_files_csv")Ĭhoice_exit=$(echo "$choice_json" | jq. # Lists passwords in termux dialog, decrypting selection to clipboard for 45s #!/data/data/com.termux/files/usr/bin/env bash I made a termux shortcut (button on homescreen) to emulate pass-dmenu via this ( store in ~/.shortcuts): Simple password decrypt: okc-gpg -d ~/.password-store/mypass.gpg Termux does supports gpg and pass but no yubikey by default, but okc-agent is a third party binding of OpenKe圜hain, providing barebones gpg via yubikey. But this is still okay since I can SSH to my desktop computer from Windows and copy/paste the passwords from there. The Windows client seems to be no longer maintained, so I would like better support here for my Surface. ![]() Syncing with my phone and Linux devices works perfectly (since it's just git). I used a browser extension for awhile, but I haven't gotten around to reinstalling since the copy/paste works fine for me. The passwords are GPG encrypted so even if it were leaked that would be okay as long as my secret key remains secure.Īs far as usability goes, I usually use the -c option to copy/paste my passwords. So if your git repo is not exposed to the public, you don't leak any of the site names/usernames you use. (A lot of people seem to think git = GitHub which is not true). I host my git repo on my desktop computer (through SSH), so it's not exposed anywhere except if you have SSH access to my computer. I've been using pass for several years now and I recommend it to my friends, but I usually get weird looks when I say I store my passwords in a git repo (it's not as bad as it sounds!).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |