Aral Balkan @aral

Gnome Web feature request: native pass password manager support (ala Browserpass)

gitlab.gnome.org/GNOME/epiphan

Would anyone else like native support for a free and open source, cross-platform, decentralised, entirely self owned and controlled password management system?

CC @gnome

· Web · 4 · 12

@aral @gnome Seconded! would definitely be a big QOL improvement.

@aral @gnome

"a free and open source, cross-platform, decentralised, entirely self owned and controlled password management system?"

How is that secure?

@hhardy01 @gnome Which aspect do you feel compromises security? The passwords are encrypted with my curve25519 PGP key via gopass. The connection to my remote Gitlab is over TLS. The Gitlab account in question is protected by a strong password.

@hhardy01 @gnome @aral

In general if you care about privacy don't put your passwords on the web in any form. Just keep them locally on a device or a local file.

@bob @gnome @aral

It's best not to use passwords at all but rather gpg, sshkeys and other dual key systems. And don't keep them on any internet connected system or device.

Browserpass uses remote access to a hacker called zx2c4's "pass" program. zx2c4 claims to own a company called Edge Security, which among other services offers, "finding vulnerabilities, determining exploitation strategies, and producing detailed specifications on reverse engineered inter-workings."

edgesecurity.com/#reverse-engi

@bob @gnome @aral

pass apparently is a bash shell script(!) front end to GPG.

Checking PGP key registries will confirm the identity of this person as zx2c4.

en.wikipedia.org/wiki/Pass_(so

@aral @gnome GNOME does ship with a nice password manager. Chromium stores passwords there by default. Idk about Epiphany, but being a core app it would surprise me if it didn't. The only thing missing is synchronisation with mobile devices (and maybe non-linux platforms). For the time being I'll stick to keepass.

@qwazix @aral @gnome AFAIK, it isn't available on nor does it sync with anything else.

@aral
It would be even more awesome if they manage to implement it in a way that it can read a keepass database file. This way you can define the file you want and synchronize it across devices easily.
@gnome