Calling something “standard” maketh not a standard. Designing something to fit in well with a unixy ecosystem is nice and all, but until it’s in POSIX/SUS, standard it ain’t. (It’s also not established enough to be considered a de facto standard either.)
Not to mention it requires bash instead of being posix shell compliant. Standard Unix indeed. To top it off, GnuPG.
On a related note, why store passwords at all? Generate them on the fly and write your own implementation:
I wrote a simple password manager for myself; I preferred a monolithic store that doesn’t leak information about the passwords being stored and found the use of GnuPG to be overkill for this.
This looks great, I love the design philosophy.
The only thing I don’t like is the directory hierarchy. It seems excessive and the directories are viewable. Sometimes just the fact that you have an account somewhere can be an issue. I personally prefer the single file approaches.
One thing that the multiple-file approach could offer is more granular access control. I’d like to see a tool like this be made to work for teams where shared account credentials are often still an unfortunate necessity.
Good point. The simple that the attacker can easily know that an account is exist is an issue.
Been using this for awhile and love it.