Hi all, I was delighted to discover this project recently. It seems to be almost exactly the perfect solution needed to avoid the unpleasant situation of being reliant on a proprietary password manager.
There is one feature which I consider pretty essential, and as far as I can see, it's not supported by pass yet, which is to keep the entire metadata encrypted, including the directory names and file names. Without this it doesn't seem to provide 100% privacy protection, since for example it potentially exposes which websites you use. Is that right, or am I missing something? If I'm right, would this be an easy thing to solve architecturally? For example, the directory names and file names could be converted into some kind of digest (e.g. SHA-256), and then a mapping between digests and the original names could be tracked in a separate encrypted file at the top level of the store. Thanks! Adam _______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
