What to do when someone leaves a team?

HacKan hackan at gmail.com
Thu Nov 8 18:21:33 CET 2018


Oh, yes, that's for sure. You need to change everything, every password. I was just answering the question of how to remove a key id.

Also, if using a shared remote repo, the write access must be revoked from beforehand, else the leaving user can re issue pass init... and add their key.

Cheers !

On November 8, 2018 2:04:01 PM GMT-03:00, Kjetil Torgrim Homme <kjetil.homme at redpill-linpro.com> wrote:
>On 11/8/18 4:28 PM, HacKan wrote:> Simply issue pass init again with
>the
>new keylist, that's it :)
>
>not really, since the person who left the team can check out an old
>copy
>of the repository and use the key which was valid at that time to
>decrypt all passwords.
>
>I am afraid all passwords must be changed to be sure.  of course this
>will always be true - that person could even have printed the passwords
>and put them in a bank vault, where you can not get hold of them to
>destroy the copy.
>
>-- 
>Kjetil T. Homme
>Redpill Linpro AS - Changing the game

-- 
HacKan || Iván
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20181108/59f3b84c/attachment.html>


More information about the Password-Store mailing list