[zikduruqe]

I've never understood the "complexity" of PGP/GNuPG. Granted the man page is dozens of pages long, but I find it no more complicated than any other command line tool. Maybe it is because I have used it professionally and personally forever.

The author of Age has ported Pass to use Age as the encryption scheme if one needs a modern solution.

As for reading the directory structure, you don't have to put your passwords in a directory structure and just do security by obscurity.... But, if some has access to my local machine, I have bigger issues.

[captn3m0]

The agent-driven nature of PGP, along with the encoding itself (which was primarily meant for emails) adds a lot of complexity, and makes it much harder to setup, configure, and use safely compared to other tools.

It is a tool trying to securely manage keys in an insecure environment, and even offloading some parts (such as to a yubikey) doesn't make it any easier to use.

[zikduruqe]

> compared to other tools

Genuinely curious as to what other tools. I don't find PGP terribly too complex to setup or manage.

> It is a tool trying to securely manage keys in an insecure environment

I mean, yea. Isn't that every encryption tool on someone's local machine?