[pass] Password age report

Brian Candler b.candler at pobox.com
Wed Aug 31 17:48:32 CEST 2016


On 31/08/2016 16:43, Emile Cantin wrote:
>
> In light of the recent Dropbox leak, I wanted to know how old my 
> password was, and perhaps if I had any other old passwords that would 
> be due for a rotation. I don't think I can rely on the last 
> modification date on the files, as a fresh clone of my repo would have 
> today's date, even if the file was last modified in my repo in 2012. I 
> looked into how to do this with Git, but it's pretty ungainly: 
> http://serverfault.com/questions/401437/how-to-retrieve-the-last-modification-date-of-all-files-in-a-git-repository
>
> Keepass has an "expiration date" field which you can set when 
> generating a password, and it appears in a different color in the list 
> when expired.
>
> I think password age is a relevant metric for a password manager, but 
> pass doesn't currently offer any visibility into this.
>
> What do you think?
This is (another) reason why it would be good if pass were to sign its 
GPG files. The signature includes a timestamp.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160831/72f5855b/attachment-0001.html>


More information about the Password-Store mailing list