Password Managers: Under the Hood of Secrets Management
It would be nice to read a similar analysis for password managers that also run on Linux such as: keepassX, keepassXC, pass, etc.
@dethos I mean, pass(1) is really nothing more than a password-specialized frontend for GPG.
The popular way to use it leaks metadata through filenames, but that's a minor problem in my opinion. And the answer would probably be to use some kind of encrypted tar(1).
@mathuin You are right, conceptually it is simple and all the hard work is done by `gpg`; nevertheless, this sort of analysis could reveal weak spots in the standard usage (like you mentioned) that we should take into account and other possible improvements.
@dethos it would definitely be interesting to read.