Since I started using my #Librem5 the usage of my passwords and one time passwords changed: I'm using the L5 in docked mode, also.
This makes it unusable as a 2nd factor for logging in to e.g. source.puri.sm or sourcehut, because the 2nd factor shouldn't live on the same device that I'm logging into from.
Another problem is that I have to sync my passwords.
I started using pass and migrated passwords from Firefox and Password Safe to it using an extension called pass-import that easily read the exported passwords into the new password store.
In Firefox I installed the add-on PassFF along with the component that needs to be installed in the underlying system.
I already like it more than the build-in Firefox password store.
Pass offers functionality to sync the gpg encrypted content of the password store with a git repository to make the passwords available on different devices.
To use this I set up a #gitea on my #yunohost and with some basic git knowledge it's easy to push and pull the passwords from a private repo.
The problem of my missing 2nd factor I could solve by using the #LibremKey (which is a special version of a #nitrokey) to generate the one time passwords.
There's still some work to do to get that all from my notebook onto the Librem5, but I can already open my password store on the phone and sync it from and to my repo.
- write about using pass with the LibremKey/nitrokey
- write about pass-tomb, problems using ext4 and why btrfs proved to be the better choice
- try the nitrokey application on the Librem5
- try PassFF in Firefox on the Librem5
- find a way to make pass and gpg use the LibremKey on the Librem5 (the phone has a built-in smartcard reader loaded with an openpgp smartcard. Having two readers and two openpgp smartcards seems not to be supported very well by gpg 2.2.x)
- write about how the above worked
Any comments, help (especially on using gpg with two readers and two smartcards available) and questions are welcome.