On 31.08.2016 19:02, Kjetil Torgrim Homme wrote: > Den 31. aug. 2016 17:48, Brian Candler skreiv: >> On 31/08/2016 16:43, Emile Cantin wrote: >>> In light of the recent Dropbox leak, I wanted to know how old my >>> password was, and perhaps if I had any other old passwords that would >>> be due for a rotation. I don't think I can rely on the last >>> modification date on the files, as a fresh clone of my repo would have >>> today's date, even if the file was last modified in my repo in 2012. I >>> looked into how to do this with Git, but it's pretty >>> ungainly: >>> http://serverfault.com/questions/401437/how-to-retrieve-the-last-modification-date-of-all-files-in-a-git-repository >>> >>> Keepass has an "expiration date" field which you can set when >>> generating a password, and it appears in a different color in the list >>> when expired. >>> >>> I think password age is a relevant metric for a password manager, but >>> pass doesn't currently offer any visibility into this. >>> >>> What do you think? >> This is (another) reason why it would be good if pass were to sign its >> GPG files. The signature includes a timestamp. > re-encrypting the files to a new set of keys will make a new signature. > you need to make the date part of the password file itself, or have pass > maintain some metadata in a separate file, e.g., "work/supplier.gpg" > could have a companion file "work/.meta.supplier.gpg", containing: > > created: 2015-03-02T14:25:02+0200 > updated: 2016-08-31T18:55:32+0200 > expire: never > > the above syntax is valid YAML which can be useful if more complex > structures are wanted later. > > it might be useful to allow encryption of the metadata to be optional. >
I like the git way of checking it. This is how to get a complete history of dropbox.com. pass git log --pretty="%s %Cgreen %cr %Creset" | grep dropbox.com Of course signature is an additional security.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
