Since I started using my #Librem5 the usage of my passwords and one time passwords changed: I'm using the L5 in docked mode, also.

This makes it unusable as a 2nd factor for logging in to e.g. source.puri.sm or sourcehut, because the 2nd factor shouldn't live on the same device that I'm logging into from.

Another problem is that I have to sync my passwords.

I started using pass and migrated passwords from Firefox and Password Safe to it using an extension called pass-import that easily read the exported passwords into the new password store.

In Firefox I installed the add-on PassFF along with the component that needs to be installed in the underlying system.

I already like it more than the build-in Firefox password store.

Pass offers functionality to sync the gpg encrypted content of the password store with a git repository to make the passwords available on different devices.

To use this I set up a #gitea on my #yunohost and with some basic git knowledge it's easy to push and pull the passwords from a private repo.

The problem of my missing 2nd factor I could solve by using the #LibremKey (which is a special version of a #nitrokey) to generate the one time passwords.

There's still some work to do to get that all from my notebook onto the Librem5, but I can already open my password store on the phone and sync it from and to my repo.

Todo:

• write about using pass with the LibremKey/nitrokey
• write about pass-tomb, problems using ext4 and why btrfs proved to be the better choice
• try the nitrokey application on the Librem5
• try PassFF in Firefox on the Librem5
• find a way to make pass and gpg use the LibremKey on the Librem5 (the phone has a built-in smartcard reader loaded with an openpgp smartcard. Having two readers and two openpgp smartcards seems not to be supported very well by gpg 2.2.x)
• write about how the above worked

Any comments, help (especially on using gpg with two readers and two smartcards available) and questions are welcome.