gopasspw/gopass

★ 6,852GoAudience · developerComplexity · 3/5LicenseSetup · moderate

Mindmap

mindmap
  root((repo))
    How it works
      GPG encryption
      Git storage
      age alternative
    Core actions
      Create secrets
      Copy to clipboard
      Sync remotes
    Team features
      Multi-recipient store
      GPG key management
    Setup
      Homebrew
      apt/dnf/pacman
      Browser extension

mindmap root((repo)) How it works GPG encryption Git storage age alternative Core actions Create secrets Copy to clipboard Sync remotes Team features Multi-recipient store GPG key management Setup Homebrew apt/dnf/pacman Browser extension

Click or tap to explore — scroll the page freely

Things people build with this

USE CASE 1

Store and sync team credentials securely using a shared encrypted Git repository with per-member GPG keys.

USE CASE 2

Manage personal passwords from the terminal without depending on any cloud service.

USE CASE 3

Integrate browser password autofill with a fully offline, encrypted local store.

USE CASE 4

Audit the full history of credential changes using Git version tracking.

Tech stack

GoGPGGitage

Getting it running

Difficulty · moderate Time to first run · 30min

Requires GPG key generation and a Git remote configured for syncing before first use.

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

In plain English

Gopass is a command-line password manager designed for individuals and teams who want to store credentials securely without relying on a cloud service. It works on Linux, macOS, Windows, and BSD systems, and can run entirely offline if needed. The way it works is straightforward: passwords and other secrets are encrypted using a tool called GPG and then stored in a Git repository. GPG is an encryption standard widely used for securing files and emails. Git is a versioning system most often associated with code, but here it is used to track the history of your password store and to sync changes across devices or with teammates. An alternative encryption method called age is also supported if you prefer not to use GPG. You interact with gopass through a terminal. Common tasks include creating a new secret, listing what you have stored, copying a password to your clipboard without displaying it on screen, syncing with a remote repository, and removing entries you no longer need. A browser integration is also available if you prefer not to type commands every time you need a password. For teams, the standout feature is that multiple people can share the same encrypted store over a shared Git remote. Each team member can be added as a recipient, and their GPG key is used to encrypt the store so that everyone who should have access can decrypt it independently. Gopass can be installed through most major package managers, including Homebrew on macOS, apt on Debian-based Linux systems, dnf on Fedora, pacman on Arch Linux, and WinGet or Chocolatey on Windows. A binary download is also available for manual installation. The project is open source under the MIT license and welcomes contributions.

Copy-paste prompts

Prompt 1

Help me set up gopass for a team of 5 developers sharing database credentials, using a private GitHub repository as the encrypted remote store.

Prompt 2

Write a shell script that uses gopass to inject secrets as environment variables for a Docker container at startup.

Prompt 3

Show me how to add a new GPG recipient to an existing gopass team store so a new team member can decrypt and access shared credentials.

Prompt 4

Help me migrate my 1Password vault to gopass by writing a script that reads 1Password JSON exports and creates gopass entries via the CLI.

Prompt 5

Explain how to configure gopass browser integration on macOS so I can autofill passwords in Firefox without typing terminal commands.

Open on GitHub → Explain another repo

← gopasspw on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.