Harry R. Schwartz

Code writer, sometime Internet enthusiast, attractive nuisance.

The author at the Palais du Luxembourg in Paris, November 2022. hacker news gitlab sourcehut pinboard librarything 1B41 8F2C 23DE DD9C 807E A74F 841B 3DAE 25AE 721B


British Columbia



Detecting Old Passwords with pass


Published .
Tags: beards, security.

It’s good practice to change your passwords periodically. I definitely can’t keep track of the age of my passwords manually, so I wrote a short shell script to identify passwords that haven’t been changed in the last six months:

#!/usr/bin/env bash


find "$password_store"/** -mtime +$password_refresh_age | sed -e 's|^'"$password_store"'/||'

I use pass to manage my passwords from the command line. It’s just a shell script that wraps around gpg, git, pwgen, and tree. Pass stores each password in a GPG-encrypted file in the ~/.password-store directory.

Each of those files has a modification time associated with it. This script searches recursively though my .password-store, identifies all the files that haven’t been changed in the last 180 days, strips off some unnecessary directory info, and prints ‘em out. Handy!

You might like these textually similar articles: