Detecting Old Passwords with pass
Published . Tags: beards, security.
It’s good practice to change your passwords periodically. I definitely can’t keep track of the age of my passwords manually, so I wrote a short shell script to identify passwords that haven’t been changed in the last six months:
#!/usr/bin/env bash password_store="$HOME/.password-store" password_refresh_age=180 find "$password_store"/** -mtime +$password_refresh_age | sed -e 's|^'"$password_store"'/||'
I use pass to manage my passwords from the command line. It’s just a shell
script that wraps around
tree. Pass stores each
password in a GPG-encrypted file in the
Each of those files has a modification time associated with it. This script
searches recursively though my
.password-store, identifies all the files that
haven’t been changed in the last 180 days, strips off some unnecessary directory
info, and prints ‘em out. Handy!