GPG files are easier managed than dedicated password managers.

  • ksynwa
    link
    fedilink
    arrow-up
    2
    ·
    3 years ago

    That’s what passwordstore.org does. The only problem is that you want to clearly indicate which file houses the password for which website, you usually use the website’s name as the filename. For example, password for neopets is saved in neopets.com.gpg. This leaks info about which websites you are storing the password too. Apart from that it is pretty solid.

    • forkbomb9
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      3 years ago

      Not quite true. You coud for ex. store IDKThisSite.gpg, and have it in this format:

      PASSWORD
      
      login: USERNAME
      url: LOGIN_URL
      

      This is also supported by browser extensions for pass, like passff

      And you can still get the password only by pass IDKThisSite | head -n1

      • ksynwa
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        How do you know IDKThisSite is the file you want to decrypt among the 100 other vaguely named files you have?

        • forkbomb9
          link
          fedilink
          arrow-up
          1
          ·
          3 years ago

          Well if you use ffpass you don’t care, ffpass will figure it out for you. If you want to do by hand well, you gotta know what’s more useful for you: ease or use or privacy. You could also store the mappings in a separate, gpg encrypted file in csv for ex.