diff options
| author | Anne Jan Brouwer <brouwer@annejan.com> | 2015-11-24 00:12:22 +0100 |
|---|---|---|
| committer | Anne Jan Brouwer <annejan@noprotocol.com> | 2015-11-24 00:12:22 +0100 |
| commit | 3e2246bce7a2ea6f03b75316e7ac1fe78a1fcbb9 (patch) | |
| tree | a5f7ba1375910aa1a1bb39c1bfef4990e25f565d /README.md | |
| parent | 281d8efd8fc55d847cf356954c3b33853c4e2a35 (diff) | |
md lint
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 31 |
1 files changed, 23 insertions, 8 deletions
@@ -1,29 +1,37 @@ -QtPass [](https://travis-ci.org/IJHack/qtpass) [](https://ci.appveyor.com/project/annejan/qtpass/branch/master) +QtPass ====== -QtPass is a GUI for [pass](http://www.passwordstore.org/), the standard unix password manager. +[](https://travis-ci.org/IJHack/qtpass) +[](https://ci.appveyor.com/project/annejan/qtpass/branch/master) +[](https://scan.coverity.com/projects/ijhack-qtpass) + +QtPass is a GUI for [pass](http://www.passwordstore.org/), +the standard unix password manager. Features -------- + * Using pass or git and gpg2 directly * Configurable shoulder surfing protection options * Cross platform: Linux, BSD, OS X and Windows * Per-folder user selection for multi recipient encryption * Multiple profiles -Logo based on https://commons.wikimedia.org/wiki/File:Heart-padlock.svg by AnonMoos. +Logo based on [Heart-padlock by AnonMoos](https://commons.wikimedia.org/wiki/File:Heart-padlock.svg). Installation ------------ + On most systems all you need is: `qmake && make && make install` On Mac OS X: `qmake && make && macdeployqt QtPass.app` -* Currently seems to only work with MacGPG2 +Currently seems to only work with MacGPG2 Security considerations ----------------------- + Using this program will not magically keep your passwords secure against compromised computers even if you use it in combination with a smartcard. @@ -39,6 +47,7 @@ it installed (or at least one that knows how to use a smartcard). To get better protection out of use with a smartcard even against a targeted attack I can think of at least two options: + * The smartcard must require explicit confirmation for each decryption operation. Or if it just provides a counter for decrypted data you could at least notice an attack afterwards, though at quite some effort on your part. @@ -51,22 +60,28 @@ attack I can think of at least two options: Known issues ------------ -* Filtering (searching) breaks the tree/model sometimes -* Starting without a correctly set password-store folder give weird results in the tree view + +* Filtering (searching) breaks the tree/model sometimes +* Starting without a correctly set password-store folder + gives weird results in the tree view * On Mac OS X only the gpgtools MacGPG2 version works with passphrase or PIN Planned features ---------------- + * Re-encryption after users-change (optional of course) * Plugins based on field name, plugins follow same format as password files * Colour coding folders (possibly disabling folders you can't decrypt) * WebDAV (configuration) support * Optional table view of decrypted folder contents -* Opening of (basic auth) urls in default browser? Possibly with helper plugin for filling out forms? -* Some other form of remote storage that allows for accountability / auditing (web API to retrieve the .gpg files?) +* Opening of (basic auth) urls in default browser? + Possibly with helper plugin for filling out forms? +* Some other form of remote storage that allows for + accountability / auditing (web API to retrieve the .gpg files?) Further reading --------------- + [FAQ](FAQ.md) and [CONTRIBUTING](CONTRIBUTING.md) documentation. [Documentation](https://qtpass.org/) |