undefined | Better HN

0 pointsFatalBaboon10y ago0 comments

I have the same setup (pass [0] + private git repository via Gitlab).

Password-wise it is as safe as my ssh key + gpp key, so pretty strong. Metadata wise it is as safe as my ssh key + gitlab account (still pretty strong), or my linux session (WEAK).

Then again the same goes for any password utility I guess, since you can view passwords stored in browsers in clear text anyway.

[0]: http://www.passwordstore.org/

0 comments

1 comments · 1 top-level

icebraining10y ago

They're not exactly in clear text: Chrome and IE encrypt them with the Windows session key (meaning only software running as the same user can decrypt them); Firefox on the other hand encrypts them with 3DES-CBC using a master password, if you set one, which is supposedly secure even against software running as the same user.

j / k navigate · click thread line to collapse