gopass

Initialize the configuration settings

$ gopass init

$ gopass new

$ gopass mounts

$ gopass mounts add [store_name] [git_repo_url]

$ gopass show [keyword]

$ gopass find [keyword]

$ gopass sync

$ gopass [store_name|path/to/directory|email@email.com]

gopass [global_options] [command_options] [arguments]

--config
    Specifies an alternative configuration file path.

--verbose, -v
    Enables verbose output, showing more detailed information during execution.

--quiet, -q
    Suppresses non-error output, showing only critical messages.

--version
    Displays the current gopass version information.

--help, -h
    Shows general help information or help for a specific subcommand.

gopass is a robust, command-line password manager that leverages Git for version control and synchronization, and GPG (GNU Privacy Guard) for strong encryption. As a modern, cross-platform rewrite of the popular pass (password-store) utility, it offers improved speed, advanced features like multi-store support and OTP generation, and enhanced usability across various operating systems.

It organizes passwords in a hierarchical, encrypted file structure, simplifying the management of multiple password entries. gopass securely shares vaults and synchronizes them across devices via Git. It integrates seamlessly with the clipboard for easy access and provides numerous subcommands for common operations like showing, inserting, generating, and editing passwords. Its design emphasizes simplicity, security, and extensibility.

GPG and Git Dependencies: gopass fundamentally relies on git for synchronization and gpg for encryption. Both must be installed and correctly configured on the system for gopass to function.

GPG Passphrase Management: The security of your stored passwords is directly tied to the strength and security of your GPG passphrase. Loss or compromise of this passphrase can lead to irreversible data loss or unauthorized access.

Git Repository Security: While passwords are encrypted, metadata such as file names can be visible in the Git repository's history. Ensure your Git repository itself is protected.

Clipboard Interaction: Passwords copied to the clipboard remain there temporarily. Be mindful of potential exposure, especially on shared or public systems.

gopass employs a subcommand-based interface (e.g., `gopass show`, `gopass generate`), analogous to `git`. This design promotes modularity and extensibility, with each subcommand handling a specific aspect of password management.

A significant feature of gopass is its capability to manage multiple independent password stores. This allows users to segregate work, personal, or shared passwords into distinct, encrypted vaults.

It includes integrated support for generating Time-based One-Time Passwords (TOTP) directly from password entries, streamlining the process of two-factor authentication.

gopass was developed as a modern, Go-language rewrite of the original pass (password-store) utility. While pass established a secure and simple model using Unix tools, its shell-script implementation sometimes faced performance and cross-platform limitations. gopass emerged to address these, offering a faster, more robust, and natively cross-platform solution. It expanded on pass's core by introducing features like multiple password stores, an improved command-line interface, and built-in OTP (One-Time Password) generation, while maintaining the underlying security principles of Git and GPG.

pass(1), git(1), gpg(1)