Pass: A standard Unix password manager

406 点作者 jaybosamiya将近 8 年前

31 条评论

jbg_将近 8 年前

I've used this for a long time, and along with its Git integration (pushing/pulling to/from a repository on my own server, accessed over SSH) and a GPG key stored on a Yubikey Neo, I've got basically seamless sync between two laptops, a desktop and an Android phone, without using any third-party service.The "Password Store" app on Android is compatible with `pass` and supports Git and NFC for using the Yubikey Neo to decrypt the passwords.

评论 #14820199 未加载

评论 #14820679 未加载

评论 #14820218 未加载

guillaume20100将近 8 年前

I recommend using Pass or Keepass, because we can see the source code. But like all these password managers, you need to synchronize your password vault.If you do not want to synchronize your vault among all your devices, but still want to have a unique password per site, try LessPass[1]. LessPass is a stateless open source password manager.Disclaimer I am the creator of LessPass[1] <a href="https://lesspass.com/" rel="nofollow">https://lesspass.com/</a>

评论 #14823635 未加载

评论 #14827479 未加载

评论 #14823889 未加载

评论 #14822655 未加载

评论 #14824609 未加载

评论 #14822659 未加载

评论 #14824329 未加载

评论 #14822657 未加载

allerhellsten将近 8 年前

Pass is pretty awesome, but nowadays I've switched to gopass: <a href="https://github.com/justwatchcom/gopass" rel="nofollow">https://github.com/justwatchcom/gopass</a> - much better support for teams, structured secrets, binary secrets and quite a few other improvements. Oh, and it's (mostly) drop-in compatible.

评论 #14819545 未加载

mrhigat4将近 8 年前

I use pass and love it. It provides a lot of flexibility. To fix the "website metadata is leaked in filenames" issue, I use another project by Jason, ctmg[0]. I changed the pass directory to be one directory deeper, encrypted it and just do `ctmg open` when I boot to open my password list (similar to unlocking a keypassX store) then use pass as normal. On shutdown, the opened folder is re-encrypted automatically. You could also set a ctmg close on a timer if you don't want the list to be available during your entire session after open.Other things I do:* store all the files as .toml files so I can rip specific keys with a custom script.* Have a directory for web so `pass web` will give me all websites. Have a script to fill username pass for each.* Have a directory for contacts. Then wrote a script to generate vCard files by crawling and pulling keys, base64 profile images and all.* use syncthing to keep all devices up to date.It's pretty slick workflow IMHO[0] <a href="https://git.zx2c4.com/ctmg/about/" rel="nofollow">https://git.zx2c4.com/ctmg/about/</a>

评论 #14820253 未加载

评论 #14824080 未加载

评论 #14819884 未加载

dsacco将近 8 年前

Note that pass was developed (and is maintained) by Jason Donenfeld (zx2c4), the same person who developed Wireguard, the new VPN protocol.Not that my opinion is worth a whole lot, but this is the password manager I would choose to use if I wasn't using 1Password. Where many other password managers use convoluted constructions with (e.g.) AES and PBKDF2, this is very straightforward GPG.

评论 #14828161 未加载

评论 #14821703 未加载

alex_duf将近 8 年前

I don't like the fact someone with access to my hard-drive can figure out all the services I'm using just by looking at the filenames.It's convenient yes, but I prefer one encrypted file that contains it all.

评论 #14819734 未加载

评论 #14819634 未加载

评论 #14822399 未加载

评论 #14819676 未加载

planetjones将近 8 年前

With all the discussion about 1password and its decision to "more or less" move to the web and a subscription based model, I had a TODO to look at what the open source community had; especially regarding browser plug-ins, mobile apps, etc. I don't understand why a simple problem like password management, needs a subscription and a private company to create software for the problem.This post seems to have saved me the trouble of Googling myself. I am installing on the Mac and iOS as we speak.

评论 #14820189 未加载

评论 #14820059 未加载

tombert将近 8 年前

I love Pass, but the problem I've had is that I always feel like I have to spend a bunch of time setting it up when I'm on Windows.I understand it's the standard UNIX password manager, so I suppose I don't have a ton of room to complain, and most of my computers are Mac or Linux, so it's not a huge deal, but I think it increases the barrier of entry a ton of people.That said, I think Pass is awesome, and having my passwords stored in Github makes me really happy.

评论 #14820707 未加载

评论 #14820675 未加载

评论 #14821116 未加载

评论 #14821139 未加载

JetSpiegel将近 8 年前

Using this and something like rofi-pass:<a href="https://github.com/carnager/rofi-pass/" rel="nofollow">https://github.com/carnager/rofi-pass/</a>Gets me really close to the holy grail of password managers. Browser integration is possible too with PassFF:<a href="https://github.com/passff/passff" rel="nofollow">https://github.com/passff/passff</a>

评论 #14819572 未加载

评论 #14819891 未加载

评论 #14823972 未加载

fwx将近 8 年前

How does this compare to other popular solutions? Specifically, KeepassX / Keepass2 which are the most common solutions I've seen most Unix / Linux users employ. Can we objectively state which one is a better solution?

评论 #14819554 未加载

评论 #14819471 未加载

评论 #14819458 未加载

评论 #14819413 未加载

Aissen将近 8 年前

I've been using password managers for while now, but I've recently discovered pass-rotate: <a href="https://github.com/SirCmpwn/pass-rotate" rel="nofollow">https://github.com/SirCmpwn/pass-rotate</a>It's basically a rotation manager ! Very powerful and lets you properly change your passwords regularly on many websites (like the proprietary Dashlane Password Changer or Lastpass' similar feature).

评论 #14820701 未加载

adtac将近 8 年前

Isn't copying the password to clipboard a vulnerability?I think a better idea would be to fill in the password through something like xdotool

评论 #14819688 未加载

评论 #14820062 未加载

评论 #14819665 未加载

wallunit将近 8 年前

I wrote a similar password manager (without knowing that pass already exists): <a href="https://github.com/snoack/mypass" rel="nofollow">https://github.com/snoack/mypass</a>But I ended up storing everything into one single encrypted file, rather than having one file per password. Though I see the point about the UNIX philosophy (i.e. "everything is a file"), but that way you'd leak information, i.e. what the passwords stored are for.Anyway, I'd appreciate any feedback on mypass.

评论 #14823681 未加载

ben0x539将近 8 年前

I've seen pass mentioned like a million times but I didn't realize there were so many third party extensions for it, the comments here are pretty helpful. Thanks for the submission!

rkeene2将近 8 年前

Related: hunter2[0], a password manager which uses a smartcard to manage the keys for each password, and supports multiple users.[0] <a href="https://chiselapp.com/user/rkeene/repository/hunter2/" rel="nofollow">https://chiselapp.com/user/rkeene/repository/hunter2/</a>

zabil将近 8 年前

I started with pass and switched to gopass because it automatically pushes new passwords to your remote git repository.I use a fish script to hook it up to <a href="https://github.com/junegunn/fzf" rel="nofollow">https://github.com/junegunn/fzf</a> for easy search and copying to the clipboard. <a href="https://github.com/zabil/thanksforallthefish/blob/6145e98691312361a18cfcdb6eaaf7b2f0a13fce/p.fish" rel="nofollow">https://github.com/zabil/thanksforallthefish/blob/6145e98691...</a>

评论 #14821958 未加载

nickjj将近 8 年前

I've been using pass for a long time now. I have over 200 passwords stored.I like it because you can use it to store sensitive info along with metadata, not just single field passwords. It's also super easy to access the info on the command line with ways to auto-copy passwords to your clipboard (which expires after 45 seconds).I did a write up on it a while back at <a href="https://nickjanetakis.com/blog/managing-your-passwords-on-the-command-line-in-linux-with-pass" rel="nofollow">https://nickjanetakis.com/blog/managing-your-passwords-on-th...</a>.

评论 #14819686 未加载

alexnewman将近 8 年前

I use pass on all my devices. IOS, chromebook and cli. I freaking love it! passforios is still on testflight but so good. Only a few issues with passforios:- It forgets my github password everytime i upgrade - I honestly don't like the fact that I can't turn off the pin. 4 digits with unlimited retries. - It can't merge sometimes. I think they should be more aggressive about git rebase

评论 #14822951 未加载

评论 #14822552 未加载

评论 #14823224 未加载

Accacin将近 8 年前

I'm currently a Lastpass user. I know, trusting them to store my passwords is probably not a great idea but it works on Windows, macOS and Linux and my iPhone with no problems at all.Would I like to move to something that isn't stored online? Yes, of course but I haven't found a decent solution that works everywhere.Any recommendations?

darrmit将近 8 年前

I think pass is awesome if you have the workflow that supports it, but for the vast majority (myself included) it's entirely too difficult to setup and maintain. Particularly if you're using Windows regularly.

评论 #14820784 未加载

lower将近 8 年前

I've been using this for a while and am very happy. Especially the ability to use a private git repository for synchronization of laptop and desktop makes this convenient.

tobias2014将近 8 年前

If you're using XMonad, you definitely want to use the pass addon in the xmonad-contrib package: <a href="https://hackage.haskell.org/package/xmonad-contrib-0.13/docs/XMonad-Prompt-Pass.html" rel="nofollow">https://hackage.haskell.org/package/xmonad-contrib-0.13/docs...</a>I would claim that there isn't a more convenient password management solution than this.

评论 #14822363 未加载

leighflix将近 8 年前

Alright guys, I tried using this as I was curious, and miserably failed.Found out I needed GPG, and some encryption key or ID and whatnot. I have no clue what these things are and would like to know.How can I learn about this encryption stuff like keys and RAS and whatnot? (Books n Articles)

评论 #14822323 未加载

评论 #14824295 未加载

qrv3w将近 8 年前

For those interested, I've been working on something similar but for journal entries instead of passwords. [1][1]: <a href="https://github.com/schollz/gojot" rel="nofollow">https://github.com/schollz/gojot</a>

tuxninja将近 8 年前

If anyone needs a quick tutorial on pass I wrote about some it's features a while back <a href="http://tuxlabs.com/?p=450" rel="nofollow">http://tuxlabs.com/?p=450</a>

amelius将近 8 年前

Anybody else here simply hashing their master password with the domain name of the website?I think this is something the browser should offer by default.

评论 #14819748 未加载

评论 #14819873 未加载

评论 #14819747 未加载

评论 #14819958 未加载

评论 #14819802 未加载

评论 #14819775 未加载

homakov将近 8 年前

Did anyone here NOT write their own pw manager?

molsson将近 8 年前

Implemented as 700 lines of shell script?! Why?

leshow将近 8 年前

I've used pass for years, it's great.

thesmallestcat将近 8 年前

No, no it's not.

评论 #14820579 未加载

评论 #14821301 未加载

hasenj将近 8 年前

If it becomes standard, people would use it without a master password, and then stealing passwords via malicious scripts will become very easy.

评论 #14819503 未加载

评论 #14826743 未加载