Can I use it fully offline?

How do I back it up to USB drive?

What does the day-to-day operation of Pass compared to Keepass look like?

I am trying to learn it as I want to use it, as I think that keepass is bloated for my use case, and I would appreciate any help here.

  • JubilantJaguar@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    1 month ago

    What does the day-to-day operation of Pass compared to Keepass look like?

    Someone else can confirm but Keepass seems to use symmetric encryption, whereas Pass definitely uses an asymmetric key pair.

    This is why I gave up on Pass. Obviously it has its advantages or they wouldn’t have done it, but personally I find that this is too much complexity for something as critical as password storage. I want to be able to access the vault with a single memorized master password and nothing else. That is only possible with symmetric encryption.

    • darkan15@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      1 month ago

      This is not correct as pass uses GPG, and you can do symmetric encryption with it, it is just a different parameter in the command.

      You can use a different password per file, or the same one

      • JubilantJaguar@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        1 month ago

        Citation needed, man page says nothing about that. Of course, you can use GPG directly to get symmetric, that is what I chose to do

    • Ephera@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      1 month ago

      I’m guessing, they did it this way, because there’s no persistent process to keep the decrypted files open. You’d need to ask the user for the password for every single command they run. With GPG, that persistent process is gpg-agent.

      Of course, encryption with a GPG key is also going to be more secure than the longest password you can come up with.

      I guess, many people will want access to GPG, too, if they want access to their passwords, so they’re not bothered by it.
      But yeah, I do also remember setting that up on Android, where you need a separate app to do the GPG, and it really stops feeling simple pretty quickly…