UX improvements to unlock screen #835

Open
jsha opened this Issue Aug 1, 2017 · 5 comments


jsha commented Aug 1, 2017

Right now, when you try to unlock a password database, it looks like this:

screenshot from 2017-07-31 17-14-28

I think there are some issues here:

  • It says "Enter master key", then "C:/Program Files/KeePassXC/Passwords.kdbx", but doesn't explain the relationship between them. One option: Skip displaying the path of the database on this screen, since the user presumably just selected it.
  • "Master key" is a confusing term; other password managers use "Master password." I realize this is somewhat different because of the possibility of a key file. Perhaps KeePassXC could detect or remember whether a key file is needed for a given database. When no key file is needed, this screen could just say "Enter master password." If a key file is needed, it could say "Enter master password and select key file."
  • Ideally options that are not currently needed or enabled would not be shown, since they can be distracting. E.g. "Challenge response" in this screenshot could be removed, since KeePassXC already knows enough to disable it. Ideally "key file" could also be hidden when not needed.
  • The eyeball icon to show the password should have a tooltip indicating what it does.

Thanks for listening! :-)


Member

phoerious commented Aug 1, 2017

Thanks for your continued UX testing on KeePassXC. This time, however, we can't really change anything (not everything at least).

We do not know what went into the master key and that is by design. All keys are combined into a single large master key which is used for encrypting the database and there is no way of knowing from a given database how to decrypt it. We actually don't even know if it is a valid database at all (hence the "wrong master key or database corrupt" message when you enter the wrong password).

We already save in the config file recently used key files and Yubikeys and then pre-select the boxes on demand, which gives an attacker more information than they need to have, already. But they still need to have the config file, from the database alone it's not possible to get this kind of information and we won't change that.

But from the config file alone, we can't hide unnecessary input fields for two reasons:

  • It is probably more confusing when the controls are hidden sometimes (when the DB was opened before) and sometimes not (when we don't know about it or when the DB was moved to a different path) than just pre-selecting the boxes.
  • It will be impossible to open the DB if the key was changed on a different computer or different location and then copied to the old location, in which case you would need to edit the config file to get your key inputs back.
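
An added illustration of the design point in the comment above (not part of the thread and not KeePassXC's code): a toy model in which each supplied key component is hashed and the concatenation is hashed into one master key. The header layout, the PBKDF2 stand-in for the real KDF, and all function names are assumptions made for this example.

```python
import hashlib
import hmac
import os

def composite_key(password=None, keyfile_bytes=None):
    """Hash each supplied component, then hash the concatenation."""
    parts = b""
    if password is not None:
        parts += hashlib.sha256(password.encode("utf-8")).digest()
    if keyfile_bytes is not None:
        parts += hashlib.sha256(keyfile_bytes).digest()
    return hashlib.sha256(parts).digest()  # 32 bytes whatever went in

def _tag(key, salt):
    # PBKDF2 stands in for the database's real KDF (assumption of this toy).
    derived = hashlib.pbkdf2_hmac("sha256", key, salt, 10_000)
    return hmac.new(derived, b"toy-header" + salt, hashlib.sha256).digest()

def create_header(password=None, keyfile_bytes=None):
    """Toy header: a salt and a verification tag, no list of components."""
    salt = os.urandom(32)
    key = composite_key(password, keyfile_bytes)
    return {"salt": salt, "tag": _tag(key, salt)}

def try_unlock(header, password=None, keyfile_bytes=None):
    """The only way to learn whether the inputs are right is to try them."""
    candidate = _tag(composite_key(password, keyfile_bytes), header["salt"])
    return hmac.compare_digest(candidate, header["tag"])

# Constructed sample inputs.
KEYFILE = b"constructed key file contents"
pw_only = create_header(password="correct horse")
pw_and_file = create_header(password="correct horse", keyfile_bytes=KEYFILE)

if __name__ == "__main__":
    # Both headers carry the same fields, so the UI cannot tell them apart.
    print(sorted(pw_only) == sorted(pw_and_file))
    # A missing key file fails exactly like a wrong password.
    print(try_unlock(pw_and_file, "correct horse"))
    print(try_unlock(pw_and_file, "wrong guess", KEYFILE))
    print(try_unlock(pw_and_file, "correct horse", KEYFILE))
```

A missing key file and a wrong password produce the same failure, which is why the unlock screen has to offer every input unless a local config file remembers what was used.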

Member

droidmonkey commented Aug 2, 2017

My only comment is it might be better to say at the top: Enter credentials to unlock [database file name]

Then show the path below. This is critical information especially if you open more than one database (ie on launch

@droidmonkey droidmonkey closed this Aug 2, 2017

@droidmonkey droidmonkey reopened this Aug 2, 2017


Member

louib commented Aug 9, 2017

@jsha I agree that "master key" might be a confusing term. @droidmonkey it might be a good idea to rename it to credentials so that it's more generic and less confusing for the user, as we also discussed in #813. That being said, I think we should stick to one term only, so if we decide to use credentials instead, we should change it everywhere in the UI. Right now it's also used in the ChangeMasterKey window, and in a couple of error messages.


quinncomendant commented Sep 14, 2017

The heading of the macOS main window is Unlock database, instead of Enter master key. Why are they different? "Unlock database" is perfectly fine.


lindhe commented Aug 7, 2018

Another UX detail that nags me is the "Challenge Response" checkbox, which is not always automatically checked when one clicks refresh.

If I open KeePassXC, then plug in my YubiKey and tab my way to focus the "Refresh" and press space to detect the newly plugged-in security key, the checkbox is not checked automatically. But if I instead use my mouse to click the refresh button, the checkbox is automatically checked.

screenshot from 2018-08-07 11-01-10
