grumt

joined 1 month ago
sorted by: new top controversial old
life changed due to shrimp in c/[email protected]
[–] [email protected] 17 points 1 month ago (2 children)

dayum, I would make a fake and gay joke, but this is so fucking wholesome that I just cant

58
The MMORPG Urban Dead, after nearly 20 years, is shutting down because of new UK laws (urbandead.com)
 

I'm really sad, started to play this game recently and was having so much fun

Do you remember zombie apocalypse MMO Urban Dead? It's shutting down after nearly 20 years in c/[email protected]
[–] [email protected] 1 points 1 month ago

man thats so sad, I had just started to play this game, was having so much fun

Question about the 'pass' password manager in c/[email protected]
[–] [email protected] 4 points 1 month ago* (last edited 1 month ago) (13 children)

I agree, but picture this: if someone get their hands in a kdbx database, they would need to brute force through the master password; they couldn't possibly know any sites or logins. In the other hand, if someone got your password store, and you used this hierarchy structure, they could try to attack directly the logins, which increases the attack surface. That being said, yes, I completely agree with your last statement.

edit. For example, if you want to host the password database in a host service not owned by yourself, pass is entirely out of question in this case. A kbdx database, however, would offer a good deal of privacy

Question about the 'pass' password manager in c/[email protected]
[–] [email protected] 2 points 1 month ago (1 children)

Hmm I get it. As I said, I think there is good use cases for it, specially because of the simplicity, but I personally prefer to have the entire database encrypted, kinda like keepassxc does

Question about the 'pass' password manager in c/[email protected]
[–] [email protected] 2 points 1 month ago (3 children)

So even the sub-directories of the password store are encrypted? For example, even if I put my password int the name of a subdirectory, they wouldn't be able to see it?

22
Question about the 'pass' password manager (lemmy.ml)
submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/[email protected]
23 comments fedilink
 

So, I've been using keepassxc for some time now, but I wanted a viable alternative for command line usage (there is keepassxc-cli, that I use, but it is really a pain in the ass). So, I searched and found pass and gopass.

However, I've seen that they store each entry in a gpg encrypted file, inside a plain directory hierarchy. And, don't get me wrong, I believe that there are use cases for this, but if someone got their hands in your password_store, they would know every single login that you have (the only information that is protected is the password, or whatever is in the gpg file).

So, my question is, there is a password manager, cli based, that encrypts the whole database, and not the single entries?

Update: there is a pass extension made specifically to address this issue