
Option to reveal passphrase during input #7

Closed
GoogleCodeExporter opened this issue Jun 26, 2015 · 8 comments

Comments

@GoogleCodeExporter

It would be nice to include an option to reveal the passphrase during input. Since a strong passphrase is preferred, the opportunity to review the passphrase before generating the password would be helpful. Otherwise one can inadvertently generate a password based on a mistyped passphrase, rendering the password useless since the phrase that it was generated from is unknown. This feature would be helpful on all implementations of Cryptnos, but it would be exceptionally beneficial on the mobile implementation since input errors are so common on those devices. The reveal could be toggled on and off (preferably with a default in the setup) so that privacy could be maintained when required or when a simple passphrase is being used. This function exists in other mobile and desktop applications and I think it would be nice if it were available in Cryptnos.


Original issue reported on code.google.com by jcouc...@gmail.com on 28 Oct 2011 at 7:11

@GoogleCodeExporter

This sounds plausible. However, there is an option built into the OS to handle this, at least partially. Have you tried going to Settings -> Location & Security (might just be Security on some devices), then enabling the checkbox Visible Passwords? This briefly shows the last typed character before replacing it with an asterisk. I use this all the time on my own devices. Ideally, an option within the OS itself is better than writing new, custom functionality.

I'm more reluctant to pursue such an option on the Windows client, as the risk of someone looking over your shoulder and seeing the visible passphrase is much higher. Again, it's possible, but if I'd add such a feature I'd probably make the user click through 50 warning dialogs first to say "Are you REALLY sure you want to do this?" I'll have to think very hard about that one before pursuing it.

Original comment by jeff.darlington@gmail.com on 29 Oct 2011 at 12:46

  • Added labels: Component-UI, Priority-Low, Security, Type-Enhancement

@GoogleCodeExporter

I do use the per-character reveal on the Android and it is helpful, but having the opportunity to review the entire phrase before generating the password is just one more safeguard against setting a password that you cannot regenerate.

I understand your reluctance to create an environment where the security is compromised as easily as someone looking over your shoulder during input, but it's kind of a contradictory position to say we think you will be careful enough to type a lengthy/complicated passphrase without being able to review it, but we don't think you'll be careful enough to guard that input from others around you. This feature is available in the program I mentioned offline and it has been available in the desktop versions of PGP (commercial) and GPG (open source) that I have been using for over a decade. I think with all the warnings around ATMs and PIN pads people know to guard their sensitive data. This should be particularly true of people who are as technically and security minded as the users of Cryptnos are likely to be. It's not as if Cryptnos is loaded with every install of IE. Your users have to have a certain level of sophistication and security smarts to even become one of your users.

Just food for thought. Thanks!

Original comment by jcouc...@gmail.com on 29 Oct 2011 at 10:13

@GoogleCodeExporter

I'm still very hesitant to add this to the Windows client, but after doing a bit of research I've decided to go ahead and add this to the Android client. It's actually pretty simple to implement; I thought at first that password fields were a totally separate UI component like they are in Windows programming, but instead it's just an attribute on a regular text field that turns the password behavior on and off.

There will be a checkbox in the Settings screen that will toggle this feature on and off. It will be off by default, primarily to maintain existing behavior but also as a security measure. There will be a warning dialog that will appear when the user toggles this setting from off to on.

This change will be included in the upcoming 1.3.0 release, which is still in development.

Original comment by jeff.darlington@gmail.com on 31 Oct 2011 at 4:14

  • Changed state: Started
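The design described in the comment above (an ordinary text field whose input type is switched, a setting that defaults to off, and a confirmation dialog only when turning the reveal on) as an added Android example; this is illustrative code written here, not Cryptnos's own implementation, and the class name and preference key are assumptions.

```java
import android.app.AlertDialog;
import android.content.Context;
import android.content.SharedPreferences;
import android.text.InputType;
import android.widget.CheckBox;
import android.widget.EditText;

/** Hypothetical helper; not part of Cryptnos. */
public final class PassphraseReveal {
    // Hypothetical preference key; the project's real key is not on the page.
    static final String PREF_SHOW_PASSPHRASE = "show_passphrase";

    private PassphraseReveal() {}

    /** Absent or unset preference means "hidden", matching the off-by-default behaviour. */
    public static boolean isRevealEnabled(SharedPreferences prefs) {
        return prefs.getBoolean(PREF_SHOW_PASSPHRASE, false);
    }

    /** Applies the setting to a plain EditText by changing only its input type. */
    public static void applyTo(EditText field, boolean reveal) {
        int variation = reveal
                // Readable on screen, but still flagged as a password so the IME
                // does not offer suggestions or learn the phrase into its dictionary.
                ? InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD
                // Masked with dots; EditText installs the password transformation itself.
                : InputType.TYPE_TEXT_VARIATION_PASSWORD;
        int cursor = field.getSelectionStart();
        field.setInputType(InputType.TYPE_CLASS_TEXT | variation);
        // Changing the input type can move the cursor; restore the user's position.
        field.setSelection(Math.min(Math.max(cursor, 0), field.getText().length()));
    }

    /** Settings-screen handler: turning the reveal off is stored at once with no prompt;
     *  turning it on first shows the warning dialog and reverts the box if cancelled. */
    public static void onToggle(final Context ctx, final SharedPreferences prefs,
                                final CheckBox box, boolean enable) {
        if (!enable) {
            prefs.edit().putBoolean(PREF_SHOW_PASSPHRASE, false).apply();
            return;
        }
        new AlertDialog.Builder(ctx)
                .setTitle("Show passphrase?")
                .setMessage("Your passphrase will be readable on screen while you type it.")
                .setPositiveButton("Enable", (d, w) ->
                        prefs.edit().putBoolean(PREF_SHOW_PASSPHRASE, true).apply())
                .setNegativeButton("Cancel", (d, w) -> box.setChecked(false))
                .show();
    }
}
```

The passphrase screen calls `applyTo(field, isRevealEnabled(prefs))` when it is shown, so the field stays masked unless the user has explicitly opted in.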

@GoogleCodeExporter

Thanks Jeff. That will be a big help.

As a workaround in the Windows client I have been typing the passphrase in Notepad and then copying it to the input screen in Cryptnos. Hopefully as you continue to research the feature in Windows you'll come up with a solution you can be satisfied with. For instance, in the Windows implementation of GPG, every time you go to enter the passphrase you have to turn on the reveal feature. If the passphrase is wrong, the window has lost focus or you have any other reason to re-enter the passphrase, you have to select the reveal option again.

I understand your desire to help people avoid being their own worst enemy, and assigning a password using the wrong passphrase is not really a big deal when you can always get a website to reset your password for you. But when I'm about to encrypt my Outlook PST file, create a password for a TrueCrypt volume or encode my Quicken data file, I want to be absolutely certain I can reopen that file next time. If I can't see my input, that makes me a little nervous.

But thanks for your responsiveness. I'm eager to get the mobile upgrade and we'll see what you come up with for the Windows client somewhere down the road.

Original comment by jcouc...@gmail.com on 31 Oct 2011 at 4:59

@GoogleCodeExporter

Revision 46 just checked in, which implements this code. I've tested it pretty thoroughly, so it looks like it's working without a hitch. There are several outstanding items left before version 1.3.0 gets released, however, so it may take a while before this officially goes out.

Original comment by jeff.darlington@gmail.com on 31 Oct 2011 at 8:26

  • Changed state: Fixed

@GoogleCodeExporter

Jeff, great job. Is it possible to get a copy of that revision to try out, or do I need to wait on the next full release?

Original comment by jcouc...@gmail.com on 1 Nov 2011 at 1:02

@GoogleCodeExporter

As a policy I only build release APKs, the same ones that go to the Market. I'm afraid I don't have the time to release iterative builds.

If you're savvy with the Android Development Kit and Eclipse, you're more than welcome to check out the trunk code from the repository and build it yourself, although it won't be signed by my key. The OS will not recognize it as an upgrade of the same application. You'll need to export all your existing sites, completely remove Cryptnos from the device, install the intermediate package, and re-import the sites. When the official 1.3.0 build is released to the Market, if you want to take advantage of the auto-updating again you'll have to repeat this process, only this time installing it from the Market.

I don't have an ETA for the official release. Cryptnos is something I do in my spare time, outside my day job and my comic strip. That makes it very hard to have a definitive schedule. I also don't want to release buggy code, and there's at least one outstanding issue with the new QR code import/export feature that's currently a show-stopper. You can either follow the blog or Twitter feed or "like" Cryptnos on Facebook if you want broadcast notifications of updates outside the Market.

Original comment by jeff.darlington@gmail.com on 1 Nov 2011 at 2:51

@GoogleCodeExporter

I understand. I'm a newb to Android development, so I expect that your release will precede my skill set reaching the requisite level to build the release myself. I'll probably hang on and watch for the next release. Thanks again for a quality product.

Original comment by jcouc...@gmail.com on 1 Nov 2011 at 2:24
