Bug 235454
| Summary: | [NEW PORT] security/py-pass-audit: Extension to audit your password-store password repository | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Tobias Rehbein <tobias.rehbein> | ||||
| Component: | Individual Port(s) | Assignee: | Tobias C. Berner <tcberner> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | CC: | tcberner | ||||
| Priority: | --- | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
A commit references this bug: Author: tcberner Date: Sun Feb 3 11:15:43 UTC 2019 New revision: 492047 URL: https://svnweb.freebsd.org/changeset/ports/492047 Log: [NEW PORT] security/py-pass-audit: Extension to audit your password-store password repository pass audit is a password-store extension for auditing your password repository. Passwords will be checked against the Python implementation of Dropbox' zxcvbn algorithm and Troy Hunt's Have I Been Pwned Service. It supports safe breached password detection from haveibeenpwned.com using a K-anonymity method. Using this method, you do not need to (fully) trust the server that stores the breached password. You should read the security consideration section for more information. PR: 235454 Submitted by: Tobias Rehbein <tobias.rehbein@web.de> Changes: head/security/Makefile head/security/py-pass-audit/ head/security/py-pass-audit/Makefile head/security/py-pass-audit/distinfo head/security/py-pass-audit/pkg-descr head/security/py-pass-audit/pkg-plist Thanks. Committed with a minor plist-change. mfg Tobias |
Created attachment 201670 [details] New port security/py-pass-audit pass audit is a password-store extension for auditing your password repository. Passwords will be checked against the Python implementation of Dropbox' zxcvbn algorithm and Troy Hunt's Have I Been Pwned Service. It supports safe breached password detection from haveibeenpwned.com using a K-anonymity method. Using this method, you do not need to (fully) trust the server that stores the breached password. You should read the security consideration section for more information. Porter's Note: - this port needs the overly specific version dependency on sysutils/password-store, as only with this version "pass" starts to check the system extension directory this port installs into. - portlint -CN and poudriere testport are okay with the new port.