Update the Expire-Date when the Password changes #2010
Comments
|
This could be implemented with a checkbox next to the expiration setting that says "update on password change" |
|
I think it's better to include this in #551. |
|
#551 is meant to operate over the whole database. This request is when I update an individual entry's password the expiry date (if set) should auto increment. |
|
As developer, it feels somewhat wrong to use another cleanup-tool, semantically. Updating the expiry should be the consequence of updating the password. As a user, I would want to have the password-change immediately and automatically update the expiry, if I set it to a given interval in order to not have to click more that I need to. Personally, I would be fine with running a password analyzer over everything and have the expiry corrected. It would however feel like a workaround to me. If the analyzer would run in the background and could work on recently updated entries first, then it could feel like an immediate and automatic update. But those are big ifs and I do not want to bloat another feature with this request. Also, I have a little under 3 months before I am annoyed for 1 minute with the password-change again :-) |
|
The fact is, if I have 40 company-related password that I need to change every 30 days, I will need to check the "update on password change" checkbox 40 times. On the other hand, a database-wide option will enable this for every password in the whole database, even personal ones that doesn't need updates. IMHO the entry-specific option seems the best solution if the user is willing to manually enable it for every required entry |
|
@TheZ3ro Checking one checkbox is no big deal if I change the password. Right now, I need to update the expiry with multiple clicks and (maybe) some manual adjusting. And the one checkbox-click only needs to happen once. So if companies force me to change my password every three months, then I have set the checkmark on all applicable entries within three months. I would not dedicate time to only do this. The database-wide option does not make sense to me as well, for the reasons you outlined. |
Addressed issue #2010 Creates a new Expiration Settings area in the Edit Entry widget, composed of the expiration date settings and a new optional feature that allows for automatic extension of the expiration date on password modification.
Addressed issue #2010 Creates a new Expiration Settings area in the Edit Entry widget, composed of the expiration date settings and a new optional feature that allows for automatic extension of the expiration date on password modification.
Addressed issue #2010 Creates a new Expiration Settings area in the Edit Entry widget, composed of the expiration date settings and a new optional feature that allows for automatic extension of the expiration date on password modification.
I think automatic update of the expiry date should be the default behavior (opt-out rather than opt-in, or not even opt-out). An old expiry date is not useful once it has passed, and if an expiry date was set at all, it's most likely the user intended the password to expire repeatedly (edit: the main exception to this if the expiry date was set only to force immediate renewal, such as with a temporary password). The update interval can be calculated by subtracting the date when the password was last updated from its expiry date. |
Addressed issue #2010 Creates a new Expiration Settings area in the Edit Entry widget, composed of the expiration date settings and a new optional feature that allows for automatic extension of the expiration date on password modification.
Addressed issue #2010 Creates a new Expiration Settings area in the Edit Entry widget, composed of the expiration date settings and a new optional feature that allows for automatic extension of the expiration date on password modification.
|
Some addition to this request: Everything moves to the cloud and in my case I need multiple username -> same password combinations. For me it is not sufficient to have one expire date on the parent entry. This would be a nice addition for a "full impact" overview. |
Expected Behavior
I would expect/like to see an automated change of the expire-date when the password changes.
Current Behavior
Currently, the expire-date seems independent of changes to the password.
Possible Solution
I suggest to either store a fixed date like now, or just a reference to a preset (3 months). If the password changes AND the expire-date is a preset, then the expire-date is recalculated according to the preset.
I consider this a feature of the client, so the chosen preset needs to be stored in a place that does not disrupt other clients using the same keepass-db.
Context
In some companies, I am forced to change the password every 3 months (with a grace period of 1 week or so). I vaguely remember other intervals. Some companies remind you, others just prompt you for a new password. In other circumstances, I choose to change certain passwords according to my own intervals.
Since I can set an expiry date, keepassxc helps me spot passwords that need to be renewed. When I then change the password, I need to manually adjust the expiry. If I could tell KeePassXC that it always needs to be renewed every three months, it could adjust the expiry automatically, saving me one step.
Debug Info
KeePassXC - Version 2.3.3
Revision: 0a155d8
Libraries:
Operating system: Ubuntu 16.04.4 LTS
CPU architecture: x86_64
Kernel: linux 4.4.0-98-generic
Enabled extensions:
The text was updated successfully, but these errors were encountered: