On 26-07-15 19:15, Kevin Cox wrote:
On 26/07/15 09:38, Steffen Vogel wrote:
I’d suggest do add the passwords age
when it is copied to the clipboard.
$ pass show -c Password
Copied Password (last change 2015-07-27) to clipboard. Will clear
in 45 seconds.
I don’t know anything about the code and side effects. What do you think?
I don’t think this is a nice idea:
To get the modification data of the first line (e.g. the password), we must
decrypt usually more than 1 revision.
I’m using a hardware token (Yubikey) to decrypt the GPG files. This takes
considerably longer.
You would also consider things such as renames. I think that this isn't
a great feature because it is easy to misunderstand it. If you actually
want the time the password itself was created you would need more
metadata, for example `pass generate` could add a "Generated At"
property. But I think that assuming that the last time a file was
updated is equal to the last time a password was changed is a poor idea.
If the wording was chosen to be more explicit I don't think this would
be dangerous but I still doubt its usefulness.
Yes, it does assume you don't change the file name. Maybe we can extend
it somehow to follow file name changes that git know about... that might
be a good idea!
However, I think it's perfectly reasonable to work with the current
assumptions. It is clear that pass cannot know anything about the
history of a password before you imported it from another password
manager (for example). I am using it to rotate my passwords every now
and then and for that it suffices.
By the way: my patch is actually looking at the first line of the file,
not at the timestamps of the files.
Keeping a time stamp together with a password is probably not such a
good idea because sooner or later the two *will* get out of sync.
Which wording can I improve? Do you mean the term "age" or are you
referring to Steffen's "last change" or maybe my cmd_usage text?
Regards,
Tijn
_______________________________________________
Password-Store mailing list
[email protected]
http://lists.zx2c4.com/mailman/listinfo/password-store
