Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Display passwords as QR codes #421
While there are apps to use pass on an Android phone, I don't feel comfortable with that. It requires GPG on my phone, and I want to use only a small subset of the passwords on my phone. This is all possible, but I think I don't need a complex solution. Most passwords will be stored in the corresponding app anyway.
So I was often using qrencode to copy passwords to my phone. This allows me to control which passwords are on my phone very easily, and allows me to use complicated passwords. I mostly using something like the following command to get passwords out of pass to the screen:
Since I mostly use QtPass as GUI, I thought it would be nice to have this feature built in.
This pull request is my implementation of this feature. I am not very familiar with Qt, I tried my best to keep the changes minimal but complete. I made the following modifications:
I used it for some time now and thought it works quite well. There are some issues where I am currently not so sure how to solve them:
Please give me your feedback. I would be very happy if this is adopted.
@@ Coverage Diff @@ ## master #421 +/- ## ======================================== - Coverage 7.25% 7.15% -0.1% ======================================== Files 41 43 +2 Lines 2662 2712 +50 ======================================== + Hits 193 194 +1 - Misses 2469 2518 +49
I basically like the idea.
My comments on your questions:
My main concern would be, that the QR code should only open when a button is pressed. If it opens by default, it would make the password more vulnerable to "over-the-shoulder" viewing cameras. (I guess you already implemented it in this way.)
Yes, but if you have malicious software on your computer, everything is lost anyway. It could act as a keylogger and steal your keychain password, it could make screenshots of QtPass and read the password,...
I think so too. QtPass already uses external programs like pass or pwgen. Another optional external dependency does not hurt.