[pass][new feature] item information

Vahid Ma'ani vahidmaani at gmail.com
Sun Jan 1 06:20:18 CET 2017


I'm confident about myself and my own system, but forcing team members to
observe  all safety cases is very difficult.

---------------------------------
*وحید معانی*
*Vahid Ma'ani*
Vahid.Maani at gmail.com | gnutips.ir



On Dec 31, 2016 11:33 PM, "Lenz Weber" <mail at lenzw.de> wrote:

> You do realize that an atacker that is deep enough in your system to
> exploit your cached password also could just log your keystrokes as you
> type the password? (More reliably if you do so very often)
>
> Of course using a low timeout is useful if you leave your PC unlocked a
> lot, but not caching at all will not save you from most attacks.
>
> Am 31.12.2016 um 20:20 schrieb Vahid Ma'ani:
> > It keeps passphrase for 5 minutes?!!!!
> > No! No! No! I never use as it!! I want enter passphrase for each request!
> > I prefer not to encrypt the unimportant information instead of making my
> > important data insecure even for one minute.
> >
> > ---------------------------------
> > *وحید معانی*
> > *Vahid Ma'ani*
> > Vahid.Maani at gmail.com <mailto:Vahid.Maani at gmail.com> | gnutips.ir
> > <http://gnutips.ir>
> >
> >
> >
> > On Dec 31, 2016 10:13 PM, "Brian Candler" <b.candler at pobox.com
> > <mailto:b.candler at pobox.com>> wrote:
> >
> >     On 31/12/2016 11:04, Vahid Ma'ani wrote:
> >
> >         "grep" option search content of crypted files and i should type
> >         passphrase some times for each search.
> >
> >
> >     Not if you use gpg-agent. It keeps your passphrase for 5 minutes.
> >
> >     gpg-agent is invaluable for certain operations on the repo. For
> >     example, using "pass init" to change the set of keys that the
> >     passwords are encrypted for - it has to decrypt and re-encrypt every
> >     single file.  And indeed, you don't want to have to type your
> >     passphrase for every one :-)
> >
> >
> >
> > _______________________________________________
> > Password-Store mailing list
> > Password-Store at lists.zx2c4.com
> > https://lists.zx2c4.com/mailman/listinfo/password-store
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20170101/f496ee49/attachment-0001.html>


More information about the Password-Store mailing list