[pass] Mailman page is unencrypted HTTP

Jason A. Donenfeld Jason at zx2c4.com
Fri Feb 5 20:03:17 CET 2016

I like the suggestion of removing the password field all together.
Nice thinking there.

Others here are right though -- mailman stores your passwords in
cleartext and emails them to you in cleartext.

But of course the general sentiment is worthwhile: I should add TLS to
all zx2c4.com domains as well as passwordstore.org. It'll happen
sooner or later, hopefully sooner, don't worry.

More information about the Password-Store mailing list