No downsides I've experienced. I switched over 6 months ago, didn't change my .password-store directory at all really, and everything has been smooth. There was even a bug a little while back I reported that was fixed pretty quick.

I had to switch over to support a team who were using gopass too for secret sharing, otherwise I'd probably just be on pass still.

In general I've been pretty happy with gopass. However as there is very sensitive data stored in the stores, some problems I've already run into: * A situation with gopass where it ignored a sub folder's .gpg-id, and as a result it rekeyed all passwords with incorrect recipients. Combined with "autosync", this was a big "oops" moment. * The `recipient` command doesn't work with sub-folders, but doesn't throw an error when a sub-folder is used and will update the root folder. Again, a big "oops" moment.

I found your issue about this: https://github.com/justwatchcom/gopass/issues/462

It sounds serious, for sure, and this software deals with sensitive data, so that is important to keep in mind (though, it versions with Git, so that's a nice safety). I just want to point out how responsive they were in your issue: it appears there was a fix merged in less than a day later!

I've had zero issues and found the team to be very responsive on Github. I worked with the team to help spec. out the XKCD password generating feature and it was done literally a week later. I've become a bit of an evangelist for the tool!