My Password Manager - Background
My current password manager is pass. It has served me well for quite some time, but it does not scale all that well to multiple devices. Its git integration may allow me to synchronize passwords across devices, but it has several downsides:
It reveals the list of secrets (and other metadata) to every single device. I do not want to share my personal accounts with my work machine, but I cannot completely separate the password stores, since some passwords are shared.
Furthermore, implementing proper access control is possible, but fragile and definitely not a built-in feature of this setup.
I need to manage GPG keys across multiple devices. It is possible to use multiple keys with pass, but handling one GPG key properly is hard enough; trying to handle multiple keys (some in a possibly hostile environment) is fraught.
Thus, I decided to write my own password manager. I am still figuring out the specifics, though.