pass (the password store).
The standard Unix password manager. Every secret is a small file encrypted to your OpenPGP key, laid out as a folder tree on disk. No database, no proprietary format — just PGP files.
pass (also called password-store) stores each password as a
.gpg file encrypted to your PGP key, organized in directories. The store is the
filesystem: email/work.gpg, banking/checking.gpg, and so on. Decrypting
a file reveals its contents; the first line is conventionally the password.
What it is.
pass takes a deliberately minimal approach: there is no special database and no vendor format. A password entry is a text file, encrypted to your OpenPGP key with the same crypto you already use for messages. Folders give you structure; an optional Git repository gives you history and sync. Because the format is just PGP files, any OpenPGP tool can read a pass store — it is not locked to one app.
That openness is the appeal. Your secrets are protected by the key you control, in a format you can inspect, on storage you choose.
Why it matters.
For people who already live in OpenPGP, pass is the natural password manager: it reuses the key and the trust model they already have, with no new account and no new company to trust. The catch has always been mobile — reading a pass store on a phone meant awkward workarounds.
A PGP app that can open a pass store closes that gap: your desktop pass entries become readable on the phone, decrypted with the same key (or the same hardware token), without copying secrets into a different manager.
Related terms
Get PGPony
Free OpenPGP encryption for iOS and Android. No accounts, no tracking.