We are facing a common challenge in password vaulting systems where the password age isn't directly tracked, and the password hash changes even when unrelated attributes are modified. This makes it difficult to determine when the password was last changed.
Problem Summary
- No dedicated timestamp for password change.
- Password hash changes even when non-password attributes are modified.
- You need to detect passwords older than 2 years to raise a security finding.
How can we solve this in secret safe?