Pass: The Standard Unix Password Manager

17

Pass: The Standard Unix Password Manager release security unix vcs zx2c4.com
via englishm 4 years ago | cached | 8 comments

8

7

1amzave edited 4 years ago | link

Calling something “standard” maketh not a standard. Designing something to fit in well with a unixy ecosystem is nice and all, but until it’s in POSIX/SUS, standard it ain’t. (It’s also not established enough to be considered a de facto standard either.)
1. 2
  
  sramov 4 years ago | link
  
  Not to mention it requires bash instead of being posix shell compliant. Standard Unix indeed. To top it off, GnuPG.
  
  On a related note, why store passwords at all? Generate them on the fly and write your own implementation:
  
  http://sramov.nfshost.com/p.c
  
  http://sramov.nfshost.com/p.go
  
  http://sramov.nfshost.com/p.pl
3

kyle 4 years ago | link

I wrote a simple password manager for myself; I preferred a monolithic store that doesn’t leak information about the passwords being stored and found the use of GnuPG to be overkill for this.
2

JonahBraun 4 years ago | link

This looks great, I love the design philosophy.

The only thing I don’t like is the directory hierarchy. It seems excessive and the directories are viewable. Sometimes just the fact that you have an account somewhere can be an issue. I personally prefer the single file approaches.
1. 1
  
  englishm 4 years ago | link
  
  One thing that the multiple-file approach could offer is more granular access control. I’d like to see a tool like this be made to work for teams where shared account credentials are often still an unfortunate necessity.
2. 1
  
  ngrilly 4 years ago | link
  
  Good point. The simple that the attacker can easily know that an account is exist is an issue.
2

ssl 4 years ago | link

https://lobste.rs/s/k6t7fj/pass_-_password_manager_the_unix_way
1

jtobin 4 years ago | link

Been using this for awhile and love it.