Password Managers: Under the Hood of Secrets Management

It would be nice to read a similar analysis for password managers that also run on Linux, such as keepassX, keepassXC, pass, etc.


@dethos I mean, pass(1) is really nothing more than a password-specialized frontend for GPG.

The popular way to use it leaks metadata through filenames, but that's a minor problem in my opinion. And the answer would probably be to use some kind of encrypted tar(1).

@mathuin You are right, conceptually it is simple and all the hard work is done by `gpg`; nevertheless, this sort of analysis could reveal weak spots in the standard usage (like you mentioned) that we should take into account, and other possible improvements.
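
The filename metadata point raised in this thread, as an added example that is not part of any post: a small audit of what a pass(1)-style store exposes to anyone who can read the directory tree, with no GPG key involved. It assumes the usual pass layout (one `*.gpg` file per entry, recipient key IDs in `.gpg-id`); the store, entry names and key ID are constructed sample data.

```shell
#!/bin/sh
# Added example: metadata readable from a pass(1)-style store without decrypting
# anything. The sample store and every name in it are constructed.

# Entry names as `pass ls` would show them: each *.gpg path relative to the
# store root, minus the extension.
list_entries() {
    ( cd "$1" && find . -type f -name '*.gpg' ) |
        sed -e 's|^\./||' -e 's|\.gpg$||' | LC_ALL=C sort
}

# Entries per top-level folder; folder names are commonly site names.
entries_per_folder() {
    list_entries "$1" |
        awk -F/ 'NF > 1 { n[$1]++ } END { for (k in n) print k, n[k] }' |
        LC_ALL=C sort
}

# Recipient key IDs sit in cleartext .gpg-id files.
list_recipients() {
    find "$1" -type f -name '.gpg-id' -exec cat {} + | LC_ALL=C sort -u
}

# Build a constructed store; the file bodies only stand in for ciphertext.
make_sample_store() {
    d=$(mktemp -d)
    mkdir -p "$d/bank.example" "$d/mail.example"
    echo 'CONSTRUCTEDKEYID0001' > "$d/.gpg-id"
    for e in bank.example/alice mail.example/alice@mail.example \
             mail.example/backup-codes; do
        printf 'opaque ciphertext placeholder\n' > "$d/$e.gpg"
    done
    echo "$d"
}

main() {
    s=$(make_sample_store)
    echo "Entries visible without decryption:"; list_entries "$s"
    echo "Entries per folder:";                 entries_per_folder "$s"
    echo "Recipient key IDs:";                  list_recipients "$s"
    rm -rf "$s"
}

main
```

Pointing `list_entries` at a real store directory shows what a backup, a synced copy or a git remote of that store reveals to whoever can read it.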
