Skip to content
Switch branches/tags


Failed to load latest commit information.
Latest commit message
Commit time


UPDATE: Due to collisions with the global keyboard shortcuts on Chrome OS, the default shortcut for this extension has been changed to Ctrl+Shift+P (resp. Cmd+Shift+P on Mac). The keyboard shortcut can always be changed under chrome://extensions/shortcuts.

smart-pass is a Chrome/Chromium extension that automatically fills login forms with passwords encrypted using OpenPGP-enabled smart card. The encrypted password files are fetched from Google Drive and decrypted on the smart card using the Smart Card Connector extension. As all operations run either directly on the smart card or in the browser, the extension can be used in cases where a full gpg/smart card stack cannot be installed, e.g., under Chrome OS or without admin/root privileges. Password stores can be maintained with zx2c4's pass and uploaded to Google Drive using the web UI or a command line tool such as drive.

smart-pass is based on browserpass and compatible with one of its two storage formats for passwords.

Using smart-pass


  • An OpenPGP-enabled smart card such as
  • A password store on Google Drive, consisting of gpg-encrypted password files adhering to the format outlined below

Password file format

Passwords for the domain or can be stored in any Google Drive folder with the name Password files in such a folder will also be used for subdomains such as and, but not for domains like or

In such a folder, a username/password combination is stored as a .gpg-file containing the password encrypted with the user's public key. The name of the file (minus the .gpg) will be taken as the username.

Example: If the user uses the password 123457 on, smart-pass would look for a folder containing a file with the encrypted password.


  1. Install the Smart Card Connector extension from the web store.
  2. Install smart-pass from the web store.


On first use, both Google Drive and the Smart Card Connector extension will show a warning dialog outlining the permissions requested by the extension.

  1. Click on the extension icon in the toolbar or press Ctrl+Shift+P (Mac: Cmd+Shift+P) to open a list of logins for the current page.
  2. Select a login or search for logins for a different domain by pressing Enter. You can optionally choose to copy the corresponding password to the clipboard instead of filling a login form by clicking on the copy icon.
  3. Enter your smart card's PIN and press Enter. You can optionally choose to cache your PIN until you have either been inactive for 60 seconds or have locked your device. The PIN cache can always be cleared manually from the extension icon's context menu.
  4. After possibly confirming the decryption operation on your smart card reader, you will be logged in automatically.



Possible improvements

  • Support inserting, editing and generating passwords
    • Use random numbers generated by the hardware RNG on the smart card
  • Offer to fill one-time passwords generated from TOTP secrets stored on the smart card




Fill in login forms using an OpenPGP-enabled smart card




No releases published


No packages published