QtPass 1.1.6

QtPass is a multi-platform GUI for pass, the standard unix password manager.

View the Project on GitHub IJHack/qtpass

QtPass MainWindow

Features

Read the changelog for the latest features and fixes.

Installation

Linux

Arch

pacman -S qtpass

OpenSUSE & Fedora

yum install qtpass
dnf install qtpass

Debian, Ubuntu and derivates like Kali & Raspbian

apt-get install qtpass

Gentoo

emerge -atv qtpass

FreeBSD

pkg install qtpass
cd /usr/ports/sysutils/qtpass/ && make install clean

More options

Windows

Latest stable on the releases page, latest build via AppVeyor.

Via Chocolatey
choco install qtpass

OSX

Latest stable on the releases page, latest build via AnneJan.

Via Homebrew Cask
brew cask install qtpass

Dependencies

On most *nix systems all you need is:

qmake && make && make install

On Mac OS X:

brew install qt5
brew link --force qt5
xcode-select --install
qmake && make && macdeployqt QtPass.app

Currently seems to only work with MacGPG2

Security considerations

Using this program will not magically keep your passwords secure against compromised computers even if you use it in combination with a smartcard.

It does protect future and changed passwords though against anyone with access to your password store only but not your keys. Used with a smartcard it also protects against anyone just monitoring/copying all files/keystrokes on that machine and such an attacker would only gain access to the passwords you actually use. Once you plug in your smartcard and enter your PIN (or due to CVE-2015-3298 even without your PIN) all your passwords available to the machine can be decrypted by it, if there is malicious software targeted specifically against it installed (or at least one that knows how to use a smartcard).

To get better protection out of use with a smartcard even against a targeted attack I can think of at least two options:

Planned features

Known issues

FAQ

Can't save a password

I have an issue with GNOME keyring

enable-ssh-support
write-env-file
use-standard-socket
default-cache-ttl 600
max-cache-ttl 7200

Also, the following is useful to add to your .bashrc if you are using Yubikey NEO on Ubuntu:

# OpenPGP applet support for YubiKey NEO
if [ ! -f /tmp/gpg-agent.env ]; then
  killall gpg-agent;
  eval $(gpg-agent --daemon --enable-ssh-support > /tmp/gpg-agent.env);
fi
. /tmp/gpg-agent.env

Can I import from KeePass, LastPass or X?

Are there more frequently asked questions?

Where can I ask for help?

Read up on recent changes


Linux Compatible Windows 10 Compatible OS X Compatible FreeBSD Compatible