1. 17

  2. 7

    Calling something “standard” maketh not a standard. Designing something to fit in well with a unixy ecosystem is nice and all, but until it’s in POSIX/SUS, standard it ain’t. (It’s also not established enough to be considered a de facto standard either.)

    1. 2

      Not to mention it requires bash instead of being POSIX shell compliant. Standard Unix indeed. To top it off, GnuPG.

      On a related note, why store passwords at all? Generate them on the fly and write your own implementation:




    2. 3

      I wrote a simple password manager for myself; I preferred a monolithic store that doesn’t leak information about the passwords being stored and found the use of GnuPG to be overkill for this.

      1. 2

        This looks great, I love the design philosophy.

        The only thing I don’t like is the directory hierarchy. It seems excessive and the directories are viewable. Sometimes just the fact that you have an account somewhere can be an issue. I personally prefer the single file approaches.

        1. 1

          One thing that the multiple-file approach could offer is more granular access control. I’d like to see a tool like this be made to work for teams where shared account credentials are often still an unfortunate necessity.

          1. 1

            Good point. The simple fact that the attacker can easily know that an account exists is an issue.

            1. 1

              Been using this for a while and love it.