Here are some of the pros of the Pass:
* It leaks meta-data. That might sound a con, but in exchange you get the ability to extract a password without decrypting and thus exposing other passwords. There is isolation.
* It’s more convenient than a single file password manager. You type ‘’pass -c goo’’ for your Google account, instead of clicking on your password manager, typing password, searching in data base, finding the right entry, copying password or pressing auto complete and closing the database. The combination of mouse and keyboard can make alternative password managers slower.
* You don’t need your master password to add a new password (it uses asymmetric encryption).
* You can easily program it, eg, write a backup script that grab a password from store.
* It uses GPG which means your secret key can be stored on Yubikey, handled by a dedicated agent. Your password is basically a short PIN with max 3 tries. This is unparalleled convenience and security!
* It’s secure, because it’s a short bash script that you can check, and delegates encryption to a dedicated well-audited cryptographic tool.
* You can encrypt to multiple keys, thus use it similar to LUKS that supports multiple passwords.
* GPG is usually widely available, so you can decrypt a password on another system on which you may not admin rights to install your password manager.
There might be few cons though. For example, if you store your database on a cloud, say, Dropbox, Dropbox could switch your Dropbox.com file with google.com file, and you copy and hand over your Google password to Dropbox. But this is hypothetical for most of us! Also, some people don’t like metadata (filenames) leakage, though apparently there are solutions for that.
Overall it’s very convenient and functional. I highly recommend it.
Can you use it on mobile?