martinhoefling
commented
2 years ago If it can be realized without too much complexity in gopassbbridge we can think about it. I'm happy to assign the issue to someone who wants to build a PoC as a first step.
by non-credential fields I mean credit card info, addresses, and other sensitive fields saved by the browser if enabled. I'm thinking this should be something that can be handled without changes to gopass(though with more logic bridgeside) by treating fields as credentials.
The use case is this: all sensitive information would be encrypted at rest, and this drastically reduces risk in the event of compromised system: if they are using gopass, then all passwords are inaccessible, all information which could lead to identity theft or fraud could be inaccessible, all secrets and API keys could be inaccessible. The only point(s) of failure would be clipboard monitoring, compromising gopass, compromising the encryption backend(gpg or age), or compromising gopassbridge itself. plus it would be easy to use sensitive information across devices.