[pass] Encrypt filenames in the store
Kjetil Torgrim Homme
kjetil.homme at redpill-linpro.com
Tue Jan 19 13:41:09 CET 2016
On 01/19/2016 01:14 PM, Michael Aquilina wrote:
> I'm actually fairly interested in this too. While having the names of my
> passwords on display is not a huge deal, it does leak some information
> in terms of what sites you've signed up for etc...
>
> If there was a way to hide this information, it would be an improvement IMO.
>
> I do however understand that it moves away from the philosophy of
> keeping simple.
>
step 1: keep your own copy of the password-store safe, in an encrypted
file system.
step 2: if you need to export your repository or share it with others,
use something like https://github.com/joeyh/git-remote-gcrypt (I have
not tested it myself, but it looks like a reasonably simple and safe way
to handle the problem.)
(I do not think the filenames I choose are sufficiently security
sensitive to mandate step 2.)
--
Kjetil T. Homme
Redpill Linpro - Changing the game
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160119/a56a8321/attachment.asc>
More information about the Password-Store
mailing list