gpg – pinentry-mac: disable Keychain storage

I’m using pinentry-mac with openfortivpn, to prompt for passwords and tokens. I installed both using Homebrew.

However, there’s a button in the pinentry dialog to save to the keychain, and it’s checked by default. I’d like to disable this, or at least make it unchecked by default.

Based on this and this and the source, I’ve tried both of these:

defaults write org.gpgtools.common DisableKeychain -bool yes
defaults write org.gpgtools.common UseKeychain false

But neither had any effect. Anything else I can do?

gnupg – pinentry-mac completely disables prompt for GPG passphrase

This is weird. I am using pass and pinentry-mac to unlock my passwords. My gpg-agent.conf uses pinentry-mac as its pinentry-program.

I’m not sure if I updated some dependency recently but suddenly decrypting passwords is now possible without asking for passphrase which I find as a serious problem. This is not a problem with pass as if I try using gpg directly to decrypt my encrypted files directly in terminal session, it’s the same.

If I disable pinentry-mac then it starts working and I’m asked to put my passphrase every time. Any idea what can be the cause? I have tried restarting / killing gpg-agent and logging out of my user account (even restarting the machine) but result is the same.