Hacker News new | past | comments | ask | show | jobs | submit login

Leaking to where?



compared to other password managers which is just an encrypted database.

pass uses normal folders to store your website/username information so in that way it is less protected.


Something to consider, sure.

But the exposure is to anyone with access to your encrypted pass data. Which in the normal use case is going to be anyone with access to your user account, which means they could likely already see your shell and browser history.


Not if you want to access it on multiple devices, in which case the built-in solution is to use git. In that case your git server sees all the metadata.


In the default settings the names of the websites are stored unencrypted, in the filenames.


To anything with read access to your chosen storage filesystem.


To anyone who types pass in your terminal it looks like.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: