Comments (13)
Thank you for your suggestions!
For 4: Yes, the 'Generate new password' option can cause problem. I'll try to find a way to prevent damages caused by mistake. (Maybe keep one history in server) But I don't think the enable/disable feature is needed. You 'disable' this feature as long as you don't click it.
For 1, 2 &3, if you go through my commit history, you'll find I didn't do much on such additional features. My logic is simple - keep sensitive data in password field and all other description in account field. Both fields will be encrypted but the password field will have a stronger encryption. Though they're single line field, you can exactly put [PASSWORD XXXXXXX PIN XXXXXXX] into the password field anyway. I'll finally make those improvements as time goes by but my main focus for now is security. If you really need all those features, LastPass will be a better choice for you.
Actually I wrote this project for my own use. I care more about my password security than those features that make my life easier. The reason I don't use LastPass-like service is that they can recover your account when you forget your login password. This is unsafe to me because it means the company can have your data if they really want. So in my design, forgetting password theoretically means data lost forever and only your browser sees your login password. By the way, those popular online service would be a bigger target for hackers.
In a word, thank you for your suggestions but I'm afraid I won't implement them in the near future.
from password-manager.
Would you accept pull requests for simple enhancements where possible security implications would be easy to see?
I mean things like url fields or tagging.
from password-manager.
Sorry but I can't simply understand why adding those two fields leads to
problems as long as you encrypt them like the account field.
I definitely won't accept any PR which has a negative impact to security.
But as I said, I don't see why URL and tagging would have such impact. If
you think users might input malicious URL, that's their own business.
On Thursday, 28 January 2016, Benjamin Häublein [email protected]
wrote:
Would you accept pull requests for simple enhancements where possible
security implications would be easy to see?
I mean things like url fields or tagging.—
Reply to this email directly or view it on GitHub
#3 (comment)
.
from password-manager.
Sorry but I can't simply understand why adding those two fields leads to
problems as long as you encrypt them like the account field.
I think so too. I just wanted to imply that I'm not going to ask for a pull when it's not easy to see that security is not concerned.
So on to work.
from password-manager.
@nickbe All your requested features are included in v9.0
from password-manager.
Hey great - I'll check this out ASAP.
Thanks :)
from password-manager.
Much better now. Thanks again :)
A new suggestion if I might: Let's click on the EntryName and show the completely entry similar to the edit window, but only as nicely formatted text.
I thik this is what I would use on my mobile most.
from password-manager.
I'll consider this in future versions
from password-manager.
@nickbe Please try newly released v9.05
from password-manager.
Hey great good.
Could you make the complete name clickable? (A link, but not an obviously underlined one),
It would be easier for mobiles this way :)
from password-manager.
I won't make it clickable because I might need to copy the contents in
account name. I think my implementation is just equivalent.
On Thursday, 17 March 2016, nickbe [email protected] wrote:
Hey great good.
Could you make the complete name clickable? (A link, but not an obviously
underlined one),
It would be easier for mobiles this way :)—
You are receiving this because you modified the open/close state.
Reply to this email directly or view it on GitHub
#3 (comment)
from password-manager.
Well, Very good point!
So what about a more button like design for the view and edit icons.
I think they're a little bit hard to click on mobiles.
from password-manager.
Well, it will take too much space if made bigger. I've tested on my phones and I think they are just about the right size.
You can adjust the icon size your self in password.php
if you really feel it's small
from password-manager.
Related Issues (20)
- Enable Group by Tags default HOT 2
- sort by name HOT 2
- random_login_stamp HOT 7
- Positive comment and thank you HOT 3
- Extra table td before username HOT 6
- Import problem with Username filed HOT 1
- Is this still active and mainteined? HOT 6
- Complete rework HOT 1
- Import CSV failed. HOT 4
- Replace SHA512 with SHA3-512 HOT 3
- Move to maintainance mode HOT 2
- Upgrade plugin to support v11.00 HOT 4
- PIN doesn't work on newest version HOT 5
- Cannot read property 'importKey' of undefined HOT 2
- TypeError: Cannot convert undefined or null to object AFTER LOGIN HOT 4
- New Implementation is ready HOT 1
- what is the password HOT 6
- Cannot run version 11: error 'sorry-update-your-browser' or am I not meeting the minimum requirements? HOT 1
- Can no longer copy password to clipboard without revealing it? HOT 2
- Current web browser doesn't support the technologies in Android 8.1 HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from password-manager.