Ask HN: Safe, Public Password Vaults?
What I should have mentioned too is that there is also a token file in place that needs to be decrypted whenever I clone the repo to a new machine. The file is encrypted in a way that nothing, e.g. PGP's HMAC, makes the failure of decryption transparent. So there is no possibility to brute force.
To crack the entire thing, an attacker needs to correctly guess my token password, which is not distinguishable from a failure. And once the attacker has got the correct one, crack the vault's password. But this stage is practically impossible to reach.
In public are my vault and the encrypted token file.
What I need to access my identities is the vault, the decrypted token, which has to be private at all costs, and of course my password.
Should I be concerned? Should I add something or kill it instantly?
It's quite convenient, not tied to a provider and hopefully safe. Yes, it's also a big basket of eggs.
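
The property described in the post, as an added example that is not part of the original post or the poster's actual setup: a token encrypted without an integrity tag decrypts to some byte string under every password, while the same blob with an HMAC tag tells a guesser when the password is wrong. The HMAC-counter keystream, the PBKDF2 parameters, the function names and the sample passwords are assumptions made for illustration, and the token is assumed to be uniformly random bytes.

```python
import hashlib, hmac, os

def _keys(password: str, salt: bytes):
    # PBKDF2 parameters are illustrative assumptions, not the poster's settings.
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return k[:32], k[32:]  # (encryption key, MAC key)

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream (constructed for this demo;
    # the key is fresh per random salt, so the keystream is never reused).
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(token: bytes, password: str, with_tag: bool) -> dict:
    salt = os.urandom(16)
    enc_key, mac_key = _keys(password, salt)
    blob = {"salt": salt, "ct": _xor_stream(enc_key, token)}
    if with_tag:  # encrypt-then-MAC: gives integrity, and a guess-checking oracle
        blob["tag"] = hmac.new(mac_key, salt + blob["ct"], hashlib.sha256).digest()
    return blob

def unseal(blob: dict, password: str):
    enc_key, mac_key = _keys(password, blob["salt"])
    if "tag" in blob:
        want = hmac.new(mac_key, blob["salt"] + blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(want, blob["tag"]):
            return None  # a wrong password is detected and reported
    # Without a tag, every password yields some byte string of the token's length.
    return _xor_stream(enc_key, blob["ct"])

def demo() -> dict:
    token = os.urandom(32)  # constructed sample: random, structureless token
    plain = seal(token, "correct-password", with_tag=False)
    tagged = seal(token, "correct-password", with_tag=True)
    return {
        "untagged_right": unseal(plain, "correct-password") == token,
        "untagged_wrong": unseal(plain, "wrong-guess"),  # random-looking bytes
        "tagged_right": unseal(tagged, "correct-password") == token,
        "tagged_wrong": unseal(tagged, "wrong-guess"),   # None
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

The untagged case stays indistinguishable only while the token has no recognisable structure; a token stored as text or JSON would let a wrong guess be spotted from its garbage output.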