Note that you can store more than just the password. Put the password of the first line and then put information about the password on the next lines. That will obscure the length.
Kevin On Fri, Feb 24, 2017 at 1:39 PM Thibault Polge <[email protected]> wrote: > > In any case, I agree it should be clearly documented. > > Here's a draft of two very short paragraphs that could be added at the > end of the manpage, in a new “Limitations” section, just before “See > also”: > > > The hierarchy of password names is stored as a plain text directory > > structure. Pass itself does nothing to conceal the names you give to > > your keys or to the folder structure which contains them. > > > > Pass also does nothing to hide the size of the data it encrypts. The > > design of OpenPGP makes it trivial to compute the length of the > > cleartext from the length of the cyphertext. > > I'm not good at nroff stuff, but if there are no objections, I'll try > and send a patch to pass.1 > > Thanks all for your feedback, > Best regards, > Thibault > _______________________________________________ > Password-Store mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/password-store >
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
