pass-otp 1.0.0 released (migration required)
Tad
tadfisher at gmail.com
Mon Mar 20 22:31:05 CET 2017
Hello pass users,
I've released version 1.0.0 of the pass-otp extension. Here's a summary of
changes:
* New: `insert` command accepts `otpauth://` URIs directly.
* New: `append` command appends or replaces OTP URIs in existing passfiles.
* New: `validate` command validates an `otpauth://` URI against the
Key Uri Format standard.
* Rename `show` to `code` for disambiguation from `pass show`. `show` is still
supported as an alias.
* **Drop `insert totp` and `insert hotp` commands.** These were cumbersome to
support and are obviated by key URIs.
* **Drop support for the 0.1.0 OTP passfile format.** Please see the
"Migrating from pass-otp 0.1.0" section of the README for advice on migrating
your OTP passfiles from the previous version.
* **Drop support for entering OTP secrets as arguments.** This practice is
prone to history leakage, which is (probably) why it is not supported by
`pass insert`. Intrepid users may use `echo <uri> | pass otp insert`, but
they should be warned to disable their shell's history feature.
I apologize for changing the file format, but it is ultimately for the best, as
pass-otp is now fundamentally compatible with all third-party OTP authenticators
which use standard OTP key URIs. I'm available to assist with any migration
issues; simply reply to this mail or post an issue on github.
You may download pass-otp from Github:
https://github.com/tadfisher/pass-otp
Happy passing!
Tad Fisher
More information about the Password-Store
mailing list