Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add encrypted output of function 'export' #74

Closed
58ef23 opened this issue Feb 25, 2015 · 2 comments
Closed

add encrypted output of function 'export' #74

58ef23 opened this issue Feb 25, 2015 · 2 comments

Comments

@58ef23
Copy link

58ef23 commented Feb 25, 2015

as instead plain text. We need more safety. Anyone can read our passwords now. AES256 should be fine.
@bcopeland
Copy link
Contributor

I replied via email but I think it got lost. What's the attack model here? I think any encryption we do here would not add real security since a user that can connect to the agent to export can see your passwords anyway.

You can use "lpass export | gpg" to encrypt at rest, and you can set any password to reprompt through the web ui to force MPW reprompt before export dumps the plaintext, to prevent casual drive-by snooping.

@bcopeland
Copy link
Contributor

In the absence of a really compelling use-case, I don't think I want to add something extra here when gpg can do the job.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bcopeland @58ef23