We should support one of the native windows credential store options:
https://godoc.org/github.com/docker/docker-credential-helpers/wincred
This makes me think twice though: https://security.stackexchange.com/questions/119765/how-secure-is-the-windows-credential-manager
Password fatigue is real on windows, I have colleagues on Mac where the keychain caches the password - I can see what a good experience looks like.
Rather than switching the entire password store, how about just changing the way the passphrase is obtained?
Git commit signing uses gpg and some magical combination of pinentry and gpg-agent to cache the password for short periods of time, this is effective and unobtrusive.
I had a quick play with gpg-connect-agent
This is a half way solution - its not as customizeable as using pinentry directly so there must be a better way of using it.
I don't think its unreasonable to take a dependency on GnuPG for passphrase retrieval, especially as it could be made to be optional
I think even if we do adopt wincred we would want to encrypt whatever we put in there. It doesn't have any way of locking the credential store and it's basically available to any process whilst the user is logged in.
I'd be interested in adding support for gpg-agent as a password prompt option, it could be useful in other places too. Something like https://github.com/jcmdev0/gpgagent would be a good place to start.
We currently allow different prompt implementations, for instance on mac I use export AWS_VAULT_PROMPT=osascript to get a nice prompt for my MFA. I'd imagine we'd offer something similar for passphrases.
That said, I do think that wincred is better than file, because it supports synchronisation between computers and is generally the "recommended place" for storing creds, which is what we try and aim for.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Most helpful comment
I think even if we do adopt wincred we would want to encrypt whatever we put in there. It doesn't have any way of locking the credential store and it's basically available to any process whilst the user is logged in.
I'd be interested in adding support for gpg-agent as a password prompt option, it could be useful in other places too. Something like https://github.com/jcmdev0/gpgagent would be a good place to start.
We currently allow different prompt implementations, for instance on mac I use
export AWS_VAULT_PROMPT=osascriptto get a nice prompt for my MFA. I'd imagine we'd offer something similar for passphrases.That said, I do think that
wincredis better than file, because it supports synchronisation between computers and is generally the "recommended place" for storing creds, which is what we try and aim for.