I use pass and love it. It provides a lot of flexibility. To fix the "website metadata is leaked in filenames" issue, I use another project by Jason, ctmg[0]. I changed the pass directory to be one directory deeper, encrypted it and just do `ctmg open` when I boot to open my password list (similar to unlocking a KeePassX store), then use pass as normal. On shutdown, the opened folder is re-encrypted automatically. You could also set a `ctmg close` on a timer if you don't want the list to be available during your entire session after open.
Other things I do:
* Store all the files as .toml files so I can rip specific keys with a custom script.
* Have a directory for web so `pass web` will give me all websites. Have a script to fill username pass for each.
* Have a directory for contacts. Then wrote a script to generate vCard files by crawling and pulling keys, base64 profile images and all.
* Use syncthing to keep all devices up to date.
It's a pretty slick workflow IMHO.
Looks like a nice setup, but what about mobile?
[0]: https://github.com/zeapo/Android-Password-Store
[1]: https://github.com/open-keychain/open-keychain
Edit: yeah for ctmg support, probably have to hold out for something like PostMarketOS to save us.