What to do when someone leaves a team?

Kjetil Torgrim Homme kjetil.homme at redpill-linpro.com
Thu Nov 8 18:04:01 CET 2018

On 11/8/18 4:28 PM, HacKan wrote:> Simply issue pass init again with the
new keylist, that's it :)

not really, since the person who left the team can check out an old copy
of the repository and use the key which was valid at that time to
decrypt all passwords.

I am afraid all passwords must be changed to be sure.  of course this
will always be true - that person could even have printed the passwords
and put them in a bank vault, where you can not get hold of them to
destroy the copy.

Kjetil T. Homme
Redpill Linpro AS - Changing the game

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20181108/7752d56e/attachment.asc>

More information about the Password-Store mailing list