[cryptography] LastPass have been hacked, so it seems.

Ondrej Mikle ondrej.mikle at nic.cz
Tue Jun 16 20:26:57 EDT 2015


On 06/16/2015 06:20 PM, Tim wrote:
> 
> 
>> Are there any password managers that let the user specify where to
>> store a remote copy of the passwords (FTP server, scp, Dropbox,
>> whatever) while keeping the crypto and the master password on the end
>> devices?
> 
> Take a look at http://www.passwordstore.org/

I had a look at it. At first the idea of gpg locally + git sync seems fine and
simple. However, I didn't like the "pass" shell-script, so I tried to use
QtPass, the Qt wrapper of "pass".

I couldn't make the Qt app work (gpg complained that given public key cannot be
encrypted to, etc.). Don't know about the usability and quality of the other
apps (Android/iOS ones).

The "pass" script is short, but hard to read (in bash). QtPass just wraps this
script along with exec()ing gpg/git binaries and puts it into not-so-well
designed GUI.

The plain "pass" might be for people who like command-line tools.

In theory "pass" allows other transports like (s)ftp, scp for synchronization.


Ondrej


More information about the cryptography mailing list