<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">On 31/08/2016 16:43, Emile Cantin
      wrote:<br>
    </div>
    <blockquote
cite="mid:CANzFYrct=REtFfSOOsSNktWqVEqV7MKSk60+UwnDj0+WeAO12w@mail.gmail.com"
      type="cite">
      <div style="color:rgb(33,33,33);font-family:"helvetica
        neue",helvetica,arial,sans-serif;font-size:13px"><br>
      </div>
      <div style="color:rgb(33,33,33);font-family:"helvetica
        neue",helvetica,arial,sans-serif;font-size:13px">In light
        of the recent Dropbox leak, I wanted to know how old my password
        was, and perhaps if I had any other old passwords that would be
        due for a rotation. <span style="line-height:1.5">I don't think
          I can rely on the last modification date on the files, as a
          fresh clone of my repo would have today's date, even if the
          file was last modified in my repo in 2012. I looked into how
          to do this with Git, but it's pretty ungainly: </span><a
          moz-do-not-send="true"
href="http://serverfault.com/questions/401437/how-to-retrieve-the-last-modification-date-of-all-files-in-a-git-repository"
          target="_blank">http://serverfault.com/questions/401437/how-to-retrieve-the-last-modification-date-of-all-files-in-a-git-repository</a></div>
      <div style="color:rgb(33,33,33);font-family:"helvetica
        neue",helvetica,arial,sans-serif;font-size:13px"><span
          style="line-height:1.5"><br>
        </span></div>
      <div style="color:rgb(33,33,33);font-family:"helvetica
        neue",helvetica,arial,sans-serif;font-size:13px"><span
          style="line-height:1.5">Keepass has an "expiration date" field
          which you can set when generating a password, and it appears
          in a different color in the list when expired.</span><br>
      </div>
      <div style="color:rgb(33,33,33);font-family:"helvetica
        neue",helvetica,arial,sans-serif;font-size:13px"><span
          style="line-height:1.5"><br>
        </span></div>
      <div style="color:rgb(33,33,33);font-family:"helvetica
        neue",helvetica,arial,sans-serif;font-size:13px"><span
          style="line-height:1.5">I think password age is a relevant
          metric for a password manager, but pass doesn't currently
          offer any visibility into this.</span></div>
      <div style="color:rgb(33,33,33);font-family:"helvetica
        neue",helvetica,arial,sans-serif;font-size:13px"><span
          style="line-height:1.5"><br>
        </span></div>
      <div style="color:rgb(33,33,33);font-family:"helvetica
        neue",helvetica,arial,sans-serif;font-size:13px"><span
          style="line-height:1.5">What do you think?</span></div>
    </blockquote>
    This is (another) reason why it would be good if pass were to sign
    its GPG files. The signature includes a timestamp.<br>
  </body>
</html>