Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Password Expiry Notifications #66

Closed
refa8 opened this issue Oct 8, 2024 · 3 comments
Closed

Implement Password Expiry Notifications #66

refa8 opened this issue Oct 8, 2024 · 3 comments
Labels
question Further information is requested

Comments

@refa8
Copy link

refa8 commented Oct 8, 2024

Is your feature request related to a problem? Please describe.

Currently, the application allows users to store and manage passwords, but there is no mechanism in place to notify users when their passwords become outdated or are due for rotation. This could result in users keeping the same passwords for too long, which might increase security risks.

Describe the solution you'd like
I would like to implement a Password Expiry Notification feature. This feature will notify users when their saved passwords are approaching the expiry date (e.g., 90 days from the last update) or have expired. The notification system could work as follows:

Introduce createdAt and updatedAt timestamps for each password entry.
Set a default password expiration duration (e.g., 90 days).
Use a scheduled task (cron job) to check daily for passwords nearing expiration.
Notify users via email or in-app notifications when their passwords are about to expire or have expired.

Describe alternatives you've considered
Alternatively, instead of fixed expiration times, a customizable expiration period could be introduced, allowing users to set their own expiry dates for different accounts based on their preferences.

Additional context
This feature would enhance the overall security of the password manager by encouraging users to rotate their passwords regularly. Here's an example of a possible notification message: "Your password for [website] is about to expire in 5 days. Please update it for continued security."

kindly assign this to me
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 8, 2024

👋 Thank you for raising an issue! We appreciate your effort in helping us improve. Our team will review it shortly. Stay tuned!

@jindalpriyanshu101
Copy link
Contributor

Hi @refa8, the idea is wonderful. But i feel that its completely unnecessary to ask users to change their password, instead you can create some security enhancements can be implemented to ensure there are no potential security risks.

What say you? @jinx-vi-0

@jindalpriyanshu101 jindalpriyanshu101 added the question Further information is requested label Oct 9, 2024
@jinx-vi-0
Copy link
Owner

Hi @refa8, the idea is wonderful. But i feel that its completely unnecessary to ask users to change their password, instead you can create some security enhancements can be implemented to ensure there are no potential security risks.

What say you? @jinx-vi-0

Exactly, there is no need for that. If there are hundreds of passwords, it will be a cumbersome process to update all of them over a period of time.

@jinx-vi-0 jinx-vi-0 closed this as not planned Won't fix, can't repro, duplicate, stale Oct 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jindalpriyanshu101 @jinx-vi-0 @refa8