[pass] Adding support for symmetric encryption
dashohoxha at gmail.com
Tue Jan 26 20:21:43 CET 2016
Now it picks out automatically which gpg encryption to use,
based on the presence of the file .gpg-id
On the init command, if no gpg-id is given as argument,
then no .gpg-id file will be created, and the rest will always be
If one (or more) gpg-id are given on init, a .gpg-id file will be created
and everything will be same as before (symmetric encryption/decryption).
Check it out here:
I have tested it, and it works well for me.
On Tue, Jan 26, 2016 at 5:52 PM, Allan Odgaard <lists+pass at simplit.com>
> On 26 Jan 2016, at 23:03, Matthieu Weber wrote:
> On Tue 26.01.2016 at 10:14:46PM +0700, Allan Odgaard wrote:
>>> Furthermore, even with a 12 byte passphrase, it is user generated,
>>> so it is unlikely to be truly random, which decrease the search
>>> space (often significantly).
>> http://world.std.com/~reinhold/diceware.html solves that problem.
> This is basically suggesting 25-30 throws of the dice for a truly random
> password resulting in 65-77 bit keys: log2((6^5)^5)
> The “dicelist” is there to make it possible for people to remember a 65-77
> bit random number, but good luck convincing people to use this scheme and
> also to have them generate a new passphrase for each new application.
> So in practice, I think asymmetric encryption is the better/stronger
>> You only displace the problem, by having to protect your private key
>> with a passphrase.
> Which is still better since an attacker will need to steal your key before
> they can brute-force your passphrase, and if you are worried about this,
> you can move the key to a physical token, so now this physical token needs
> to be stolen for someone to decrypt your files, and this physical token can
> have its own security requiring specialized tools in order to break them.
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Password-Store