I would like to have the possibility to set an expiration on session keys generated by the CLI.
An example UI would be
bw login --ttl=1h or
bw unlock --ttl=1h. The session key would be made invalid after the specified TTL.
Having an expiration would be a significant security advantage, mitigating the risk in case a user forgets to
bw lock or
bw logout. I would go as far as saying there should be a default expiration, but I understand that would not be backwards-compatible.