top | item 45239142

(no title)

denismi | 5 months ago

I recently moved away from pass after a decade or so.

Two main reasons:

1. This laptop up was set up with flatpak versions of all GUI applications, including Firefox, and the browser plugin just doesn't work. I persisted with the work-around of `pass -c <path>` from the run command prompt for a while to paste into the browser, but its not ideal.

2. I realised that the Android app was archived. There's at least one fork, but who knows how that will be maintained going forward. https://github.com/android-password-store/Android-Password-S...

For now I'm content with hosting vaultwarden and using various Bitwarden clients.

discuss

nickjj|5 months ago

I made the switch from pass recently too. I had ~400 secrets stored in it for almost the same time as you.

Ultimately I wanted something easier to sync between multiple devices. Now that I am traveling more seriously I can't get away with only having a few important passwords saved on my phone and laptop.

It was a lot easier to sync (1) file with KeePassXC and it has 2 well supported Android apps to choose from. It took me around 3 hours one day to manually move everything over, I took that as an opportunity to prune and refactor everything which is why I didn't use the CSV import feature.

Password managers for me are a "write occasionally, read frequently" app so it's pretty painless to shoot over 1 file over my local network to keep 3 devices in sync.

jeduardo|5 months ago

That's curious. I moved from KeePassXC to pass precisely because the synchronization story for the database file wasn't working so well. For too many times I ended up with an outdated database in the backend server because the sync process failed to work properly.

After I moved to pass, every credential became its own file and I rarely edited the same credential in way too many devices. For the rare conflicts I had, having it being Git made it possible to resolve them without massive hassle.

Then again, that was also some many years ago. Maybe the synchronization story is better these days.

aquariusDue|5 months ago

KeepassXC combined with Syncthing is enough for me too.

unknown|5 months ago

[deleted]

jolmg|5 months ago

> I persisted with the work-around of `pass -c <path>` from the run command prompt for a while to paste into the browser, but its not ideal.

There's also `passmenu` that comes with `pass`. You setup a keybinding that calls that. It autocompletes your password selection with a menu (calls dmenu) and puts it on your clipboard. You skip having to invoke the command prompt then manually calling `pass -c` and writing the path.

fooqux|5 months ago

Well shit, I didn't realize the Android app was shelved. I checked out the fork and it looks like they're doing good work there. I'm a bit surprised that the maintainers of both didn't work out a transfer; who else better to take over the project than a active fork?

Makes me wonder if something else was the issue, such as disagreeing over security practices or the like.

> I persisted with the work-around of `pass -c <path>` from the run command prompt for a while to paste into the browser, but its not ideal.

I actually do this on purpose. The last time I checked into the plugin, it looked like it unlocked your gpg key at Firefox launch rather than at password prompt time. Also, I didn't like the fact that the plugin creator could simply send my passwords to themselves without my knowledge. Firefox and pass are big/trusted enough to not do this. But some random guy? That was outside my risk tolerance.

jeduardo|5 months ago

How has it been working for you so far?

I'm in a similar situation and considering doing the same thing as you, for the same reasons, but I'm curious about how the offline experience is.

I'm often facing periods of bad to no connectivity, and I find the ability to lookup or even update a credential offline very useful. Not sure how much of it is possible with Vaulwarden and I couldn't find the time to try it yet.