password visiblity can't be fully hidden

[Emonshr]

When I go double click the needed account it just explores/shows the password by "Show Password" box checking, even if I check the "Hide Password", "Hide Content" boxes. Isn't it relevant to ask for the passphrase when we need to edit this password?

[issue-label-bot]

Issue-Label Bot is automatically applying the label bug to this issue, with a confidence of 0.85. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

[annejan]

When a passphrase is asked is up to gpg / gpg-agent . .

Would you like to have a feature added that makes showing of the password totally unavailable and just leaves the edit?
I don't really see how this should work.

[Emonshr]

Okay, I think it is about security. If anyone can see your password fields without providing any master key/passphrase that is insecure. And then the better approach can be, tell the gpg-agent to send the password field and save the password to a temporary helper process with encryption. If someone can provide the passphrase, then (s)he can get the required password.

[annejan]

This is exactly what happens / how QtPass (and pass) work . .

How often a passphrase is required is up to gpg-agent settings.

[Plloi]

if your not being asked for a password when you open the edit dialog it's one of two thing:

• gpg-agent is holding your keyring open
  -- you can change this behaviour
• You gpg key isn't password locked
  -- you can add a passphrase to your key.

[Emonshr]

gpg-agent is holding your keyring open
-- you can change this behaviour

@Plloi Then I'll try to work with this solution. Thank you everyone.

[annejan]

https://wiki.archlinux.org/index.php/GnuPG#Configuration_2

^=- the Arch wiki has a lot of information on configuring GPG agent