user gone and expiring access
Jonathan Proulx
jon at csail.mit.edu
Fri Feb 22 15:40:23 CET 2019
Others have said both things but there's 2 points here:
1) For non-malicious users where you want to defend against them
loosing their key and old encrypted store to a 3rd party use a
hardware token that you can collect on exit (like Yubikey).
2) For malicious actors you just need to change all secrets they
ever had access to because they could have recorded plain text.
More information about the Password-Store
mailing list