Using native secret storage

[shocklateboy92]

I noticed in your readme that you plan to support storing secrets in an encrypted file.
You should consider delegating that to secret storage mechanisms of the operating system (e.g. gnome-keyring or kwallet). Will mean less work for you, and less security bugs 😄

https://specifications.freedesktop.org/secret-service/latest/

[Mart-Bogdan]

But this software supports windows (and mac in future).

Dbus and freedesktop don't want to port on windows, or at least to provide binaries.

[shocklateboy92]

Good point. But there is a windows equivalent:
https://github.com/danieljoos/wincred

[cmdli]

This is definitely a potential feature down the line, though right now I am prioritizing getting basic Mac support up and running. I do see the value in hardened credential storage on each platform, though I also want to allow people to be able to export/transfer credentials even in that case.

[shocklateboy92]

That makes perfect sense 🙂
Of course, I haven't done any MacOS development, but I assumed it would take drastically less code/time to use keychain than to write the storage mechanism yourself. 🤷
https://github.com/keybase/go-keychain

[jo-vf]

To me the most important aspect of this project is, that it can address the drawback of not being able to back up your keys. Depending upon the "native store" chosen you might again loose this option.