-
-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
password visiblity can't be fully hidden #496
Comments
Issue-Label Bot is automatically applying the label Links: app homepage, dashboard and code for this bot. |
When a passphrase is asked is up to gpg / gpg-agent . . Would you like to have a feature added that makes showing of the password totally unavailable and just leaves the edit? |
Okay, I think it is about security. If anyone can see your password fields without providing any master key/passphrase that is insecure. And then the better approach can be, tell the gpg-agent to send the password field and save the password to a temporary helper process with encryption. If someone can provide the passphrase, then (s)he can get the required password. |
This is exactly what happens / how QtPass (and pass) work . . How often a passphrase is required is up to gpg-agent settings. |
if your not being asked for a password when you open the edit dialog it's one of two thing:
|
@Plloi Then I'll try to work with this solution. Thank you everyone. |
https://wiki.archlinux.org/index.php/GnuPG#Configuration_2 ^=- the Arch wiki has a lot of information on configuring GPG agent |
When I go double click the needed account it just explores/shows the password by "Show Password" box checking, even if I check the "Hide Password", "Hide Content" boxes. Isn't it relevant to ask for the passphrase when we need to edit this password?
The text was updated successfully, but these errors were encountered: