Not realy a security specialist.
But having your private key in an easy to photograph format doesn't sound that
smart to me . .
Anne Jan
On 20 June 2014 21:52:31 CEST, "Santiago Borrazás" <[email protected]> wrote:
>Maybe this is not the best place to discuss this, but is it possible
>to put your private key into a qr code? This could make pass tool
>friendly across devices.
>
>I was thinking to put all my encrypted
>passwords in a public github repo and be able to access to my
>passwords from any device passing my private key from a qr code and
>then putting
>my password to decrypt the private key.
>
>I would like to hear from security people if this it's viable or is
>the worst idea ever.
>
>On Fri, Jun 20, 2014 at 11:12 AM, George Angelopoulos
><[email protected]> wrote:
>> Adding to what Jonas suggested, instead of piping the password to
>> qrencode, you could pipe it to a small script that would do
>>
>> qrencode -o - | display -
>>
>> Alternatively, have a separate program/script assigned to a key
>> combination that displays a qr code of your current clipboard, like
>this:
>>
>> xclip -o -selection clipboard | qrencode -o - | display -
>>
>> Maybe the above is useful in general, because any information on your
>> monitors is 1 or 2 buttons away from a qrcode, and pass doesn't need
>to
>> know about it.
>>
>> On 06/20/2014 04:52 PM, Patrick Burroughs (Celti) wrote:
>>> I have no idea how common a use-case this might be, but I found it
>the
>>> most convenient way to interface with my phone while lacking an
>>> Android app. I don't see it as a mandatory dependency, any more than
>>> xclip is required to use pass if you don't want to send things to
>the
>>> clipboard.
>>>
>>> I won't be disappointed if this is not accepted however, as I
>>> understand it's a little out there; I'll continue to maintain it
>>> locally in that case.
>>>
>>> Regards,
>>> ~Celti
>>>
>>> On Fri, Jun 20, 2014 at 12:36 AM, Jonas Wagner <[email protected]> wrote:
>>>> Hi,
>>>>
>>>> is this really that common a use case? Supporting this will add a
>dependency
>>>> on qrencode to pass.
>>>>
>>>> In what way is this better than doing "pass foo/bar | qrencode"?
>>>>
>>>> Cheers,
>>>> Jonas
>>> _______________________________________________
>>> Password-Store mailing list
>>> [email protected]
>>> http://lists.zx2c4.com/mailman/listinfo/password-store
>>
>> _______________________________________________
>> Password-Store mailing list
>> [email protected]
>> http://lists.zx2c4.com/mailman/listinfo/password-store
>_______________________________________________
>Password-Store mailing list
>[email protected]
>http://lists.zx2c4.com/mailman/listinfo/password-store
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________
Password-Store mailing list
[email protected]
http://lists.zx2c4.com/mailman/listinfo/password-store
