
Show HN: A password manager for the command line - wallunit
https://github.com/snoack/mypass
======
wallunit
I'm the author of mypass. First of all, I'm very sorry to drop support
(temporarily at least) for macOS and Windows with the latest release. It was a
necessity for adopting SQLCipher (without available bindings for Python 3).
But I reached the point where rolling (and encrypting) my own data structures
is no longer a reasonable option (in particular with added support for multi-
context credentials). On the other hand, the latest release adds support for
FreeBSD (in addition to Linux).

Unlike most Show HN posts this isn't a new software, but one that I initially
created back in 2014, and ended up spending a fair amount of time on recently,
leading to its 2.0 version which I released today. In the beginning it was
just a hack scratching a personal itch of mine. But I think mypass has matured
a lot since then, and I'd love to get some feedback from other potential
users.

~~~
adur1990
While I really appreciate your efforts, can you elaborate on the benefits over
pass (passwordstore.org)?

~~~
wallunit
Honestly, when I first started working on mypass, I wasn't aware of "pass".

Anyway, one issue I have with "pass" is that it leaks metadata, as it uses the
file system to organize different credentials, while only the files storing
the credentials itself are encrypted.

Also "pass" uses GPG for encryption, which can provide additional security if
you store your private key on an external drive or smartcard, and take
additional measures to make it more difficult to obtain access to your
password store and private key at the same time. But in the more common setup
where the password store is stored along the private key on the same device,
cracking your GPG passphrase will require less computation than cracking a
passphrase using PBKDF2 with 256,000 iterations like used for key derivation
in mypass.

~~~
adur1990
Cool, see the points. I will have a look into mypass :)

~~~
wallunit
That's awesome. I'm looking forward to any feedback. Not sure for how much
longer I will keep monitoring this thread. But you can reach me either by
filing issues on GitHub, or if you could at least drop me an email at
sebastian.noack@gmail.com and share your feedback I would much appreciate it.

