[imran3740]

I use pass[0], which is essentially just a wrapper on top of Git and GPG. All your secrets are stored in text files that are then encrypted by your GPG key, which is then tracked in a Git repo that you can store anywhere. I use the PassFF extension[1] for Firefox, and Password Store for Android[2]. There are plenty of pass-compatible clients for all platforms and extensions for pass on the first site.

If I need to get my password for eg. GitHub outside of Firefox, I just type `$ pass -c dev/github`, decrypt, and it's in my clipboard for 45 seconds.

[0]: https://www.passwordstore.org/

[1]: https://addons.mozilla.org/en-US/firefox/addon/passff/

[2]: https://github.com/zeapo/Android-Password-Store

[resfirestar]

The passmenu script for dmenu makes it even easier - just hit a keyboard shortcut, start typing “git”, hit enter and it’s on the clipboard.

[a_paddy]

Plus as it's based on the tried and trusted GPG, it can be secured with a hardware token like a Yubikey

[imran3740]

I actually do this with the subkeys I put on my Yubikey, and thanks to the NFC capability, I can use it on Android.

I've been wanting to switch to a Yubikey with USB-C, since both my laptop and phone have that port and I don't have to rely on NFC, but this has been working fine so I can't really justify the cost.

[exophoric]

Also using pass here.

Someone has an opinion/solution for the problem of exposing the list of everything you are using a password for? The fact that pass doesn't encrypt that makes me somewhat uncomfortable about hosting the remote git repo on an Internet accessible machine / service. Keeping the data "offline" (if such a thing exists) makes the sync across devices more challenging...

[unfunco]

I originally used pass too and it's excellent, there's gopass too which is an improvement on pass and works well for teams.

https://www.gopass.pw

[Hamuko]

What makes it better for teams than just pass?

[0lpbm]

Pass has no out of the box multi user support. Gopass allows encryption for multiple keys, hence better for teams.

I use it for the same reason to encrypt different folders with different keys (work vs. private).

[0lpbm]

I use gopass a lot, but they direction in which they took the pass API is absolutely horrible. The ammount of irrelevant commands they added made it an UX nightmare.

[LinuxBender]

Does this store in a format that can be pushed to any git repo? It isn't clear from the docs, or maybe I missed it.

[imran3740]

It's essentially encrypted text, which Git handles just fine.

[drakenot]

I use pass as well, along with a dmenu/rofi script.

[jolmg]

> along with a dmenu/rofi script.

You make it sound custom, so I wonder if you know that pass's source repository and at least Archlinux's package includes passmenu which lets you access your passwords with dmenu.

[y3k]

I didn't know about this one, but looks perfect.

Thank you.