Pass (software)
Developer(s) | Jason A. Donenfeld |
---|---|
Written in | Bash |
Operating system | FreeBSD, Linux, OS X |
Available in | English |
Type | Password manager |
License | GPLv2+ |
Website |
www |
pass is a password manager inspired by the Unix philosophy. It has a command-line interface, and uses GnuPG for encryption and decryption of stored passwords.[1][2]
The passwords are encrypted and stored in separate files, and can be organized via the operating systems filesystem. A password file can contain additional text, such as the Username, the Email address or comments.
There are several graphical user interfaces (GUIs) available, such as QtPass for Linux/Windows/MacOS or Password Store for Android operating systems. A synching system is not implemented, but synching can be achieved, by synching the password files with the Git version control system.
Vulnerabilities
In June 2018, pass was found to be vulnerable to a variant of the SigSpoof attack.[3][4] The issue was patched the same day that the vulnerability was disclosed.[3]
See also
References
- ↑ Bruce Byfield (January 2014). "Remembrance of Things Pass". Linux Magazine.
- ↑ Joe Brockmeier (24 June 2014). "Using pass to Manage Your Passwords on Fedora". Fedora Magazine.
- 1 2 "Pass gets a fail: Simple Password Store suffers GnuPG spoofing bug".
- ↑ "Decades-old PGP bug allowed hackers to spoof just about anyone's signature".
External links
- https://www.passwordstore.org/ Official Website
- https://qtpass.org/ GUI for Linux/Windows/MacOS
- Password Store for Android - Source Code: https://github.com/zeapo/Android-Password-Store