user gone and expiring access

higuita higuita at GMX.net
Mon Feb 25 00:59:35 CET 2019


Thank you all for the information and comments.

> 1) For non-malicious users where you want to defend against them
>    losing their key and old encrypted store to a 3rd party use a
>    hardware token that you can collect on exit (like Yubikey).

	This is my case and yes, the hardware token seems the correct way
to manage this one, at least until someone invents some secure time-based
crypto :)

	We will also break the passwords on internal, gateway and external
services (low and high importance), to also help segregate access and
reduce the trouble of changing passwords of services when needed.

	We already use vault, but for internal services, not for any
external services.

> 2) For malicious actors you just need to change all secrets they
>    ever had access to because they could have recorded plain text.

	Agreed, for malicious users there is no other way; we would
never be sure there wasn't a plain-text dump.

Best regards,
higuita
-- 
Naturally the common people don't want war... but after all it is the
leaders of a country who determine the policy, and it is always a 
simple matter to drag the people along, whether it is a democracy, or
a fascist dictatorship, or a parliament, or a communist dictatorship.
Voice or no voice, the people can always be brought to the bidding of
the leaders. That is easy. All you have to do is tell them they are 
being attacked, and denounce the pacifists for lack of patriotism and
exposing the country to danger.  It works the same in every country.
           -- Hermann Goering, Nazi and war criminal, 1883-1946
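As an added example for the second point above (not code from this thread or from the password-store project): before rotating secrets, find which entries of a pass store were ever encrypted to the departed user's OpenPGP key, by reading the recipient key IDs that sit in the clear in each .gpg file's PKESK packets. The key IDs and the two-entry store below are constructed placeholders; v3 PKESK packets (what GnuPG writes) are assumed.

```python
"""List pass (password-store) entries encrypted to a given OpenPGP key: the set
of secrets to rotate when that key's owner leaves. Added example, not
password-store's own code; only the PKESK (tag 1) packets at the head of each
.gpg file are read (RFC 4880 section 5.1), the encrypted body is never touched."""


def _packet_header(data: bytes, pos: int):
    """Return (tag, body_start, body_len) for the OpenPGP packet at data[pos]."""
    first = data[pos]
    if first & 0x40:  # new-format header (RFC 4880 4.2.2)
        tag, b = first & 0x3F, data[pos + 1]
        if b < 192:
            return tag, pos + 2, b
        if b < 224:
            return tag, pos + 3, ((b - 192) << 8) + data[pos + 2] + 192
        if b == 255:  # five-octet length
            return tag, pos + 6, int.from_bytes(data[pos + 2:pos + 6], "big")
        return tag, pos + 2, 1 << (b & 0x1F)  # partial length: first chunk only
    tag, ltype = (first >> 2) & 0x0F, first & 0x03  # old-format header (4.2.1)
    n = (1, 2, 4, 0)[ltype]  # length octets; 0 = indeterminate, runs to end of data
    length = int.from_bytes(data[pos + 1:pos + 1 + n], "big") if n else len(data) - pos - 1
    return tag, pos + 1 + n, length


def recipients_of(data: bytes) -> set:
    """Uppercase hex key IDs of every PKESK packet preceding the encrypted body."""
    keyids, pos = set(), 0
    while pos < len(data):
        tag, start, length = _packet_header(data, pos)
        if tag != 1:  # first non-PKESK packet (SEIPD, SED, SKESK) ends the preamble
            break
        body = data[start:start + length]
        if body[:1] == b"\x03":  # v3 PKESK: version, 8-octet key ID, algorithm, MPIs
            keyids.add(body[1:9].hex().upper())
        pos = start + length
    return keyids


def entries_to_rotate(entries, departed_keyid: str) -> list:
    """entries: iterable of (name, gpg_bytes); accepts a long key ID or a fingerprint."""
    departed = departed_keyid.upper().replace("0X", "")[-16:]
    return [name for name, blob in entries if departed in recipients_of(blob)]


def _pkesk(keyid_hex: str) -> bytes:
    # Constructed v3 PKESK: old-format header, RSA (algo 1), dummy 8-bit MPI.
    body = b"\x03" + bytes.fromhex(keyid_hex) + b"\x01\x00\x08\x2a"
    return bytes([0x84, len(body)]) + body


# Constructed sample store: "work/vpn" is shared with two keys, "personal" with one.
SAMPLE_STORE = [
    ("work/vpn", _pkesk("0123456789ABCDEF") + _pkesk("FEDCBA9876543210") + b"\xd2\x02\x01\x00"),
    ("personal", _pkesk("FEDCBA9876543210") + b"\xd2\x02\x01\x00"),
]
```

On a real store, feed `entries_to_rotate` with `((str(p), p.read_bytes()) for p in Path("~/.password-store").expanduser().rglob("*.gpg"))`. An all-zero key ID means a hidden recipient, and entries re-encrypted after the key was removed from .gpg-id no longer name it, so check the store's git history too.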
More information about the Password-Store mailing list