[cryptography] LastPass have been hacked, so it seems.

Tim tim-security at sentinelchicken.org
Tue Jun 16 12:20:03 EDT 2015



> Are there any password managers that let the user specify where to
> store a remote copy of the passwords (FTP server, scp, Dropbox,
> whatever) while keeping the crypto and the master password on the end
> devices?

Take a look at http://www.passwordstore.org/

Your GPG key encrypts all of the credentials individually.  You can
push the keys to a git repo if you like, which could be "in the
cloud".  Don't like git?  Well, just back up the .password-store
directory some other way, keeping it separate from your .gpg dir.
You don't need to worry about losing your keys due to password
database corruption, commercialization of the tool or whatever, since
they are all in separate files that you can decrypt with GPG by hand
if needed.

tim


More information about the cryptography mailing list