top | item 41659633

(no title)

> You'll need to share the decryption key (e.g. via 1password shared vaults).

Not really. It also supports keeping the symmetric decryption key encrypted with the GPG key of each added user (and handles this automatically). This is the default behavior.

What you're saying also works (quoting from readme, emphasis mine: "Alternatively, you can export a symmetric secret key, which you must securely convey to collaborators."), but feels worse from a security point of view.

discuss

starwatch|1 year ago

True on all counts. I never got the GPG approach working - though admittedly I didn't put too much effort into figuring it out.

Refalm|1 year ago

Implementation is easy. Getting people to understand GPG is another thing entirely.