user gone and expiring access

Kevin Lyda kevin at ie.suberic.net
Fri Feb 22 16:27:33 CET 2019


On Fri, Feb 22, 2019 at 2:40 PM Jonathan Proulx <jon at csail.mit.edu> wrote:
> 2) For malicious actors you just need to change all secrets they
>    ever had access to because they could have recorded plain text.

And to add to that, this is why limiting access is a good idea. I use
several password stores to limit access to people who need them.
Enough that I sometimes think about making a "git pass" subcommand but
then I feel like I'm alternating turtles all the way down.

Kevin


More information about the Password-Store mailing list