Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The point of `pass` is to offload the security aspect to gpg, so unless something goes wrong with that, I don't believe continued use, even if unmaintained, is very insecure.


The Android app will by necessity receive the decrypted passwords from GPG to display and copy them to the clipboard. It could do whatever else it wants with them.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: