-
-
Notifications
You must be signed in to change notification settings - Fork 321
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Possibility to take only the domain and not the FQDN #199
Comments
@kidburglar it seems it's an issue that was fixed, but remodified for reason I do not understand.
@guillaumevincent It would be good to add in the wiki the functionality you want for this case and to explain why. |
We reintroduce this because the modification change every generated password. So it's a bug :) I always wanted to keep only the domain name and remove the sub domain. Before any new version we are working on a password migration tool (but shssh it's a secret) |
So we'll have a V3 anytime soon? In other words: |
@SoftwUser No we will not got a version 3 soon. Here the roadmap:
After this (~3/4 months) we are going to see what is the next step, maybe scrypt + this feature, maybe something else. So no v3 soon, |
@guillaumevincent I had in mind that if we want change our master password we only need to change our current LessPass generate password with the new one. So I'm curious to know what would be the reason of LessPass Move ? |
We will make a post about this soon, but in short LessPass Move will help you to change all your generated passwords. You will connect to a LessPass Database or import list of sites, enter your master password and it will generate old and new passwords. You will have to copy paste the passwords or the tool will try to change directly password on the site. |
I'm OK with the idea of an option to decide how to manage the URL. However, I against requiring users to input regex as it is opposite to the KISS principle we aim for in the app. Regexp are damn complicated thing and highly prone to error. Thus, even if errors are due to badly written regex, it will create frustration against the app. I'm closing, as it's not something we will be working on right now or in the coming 3-4 months. |
@guillaumevincent Sorry for resurrecting an already closed issue but I stumbled into this subject only by now and have a problem of understanding, why a V3 would be necessary: Today (V2) when I browse to for example But today the user has the ability to manually alter the site name in the web interface or browser extension to
resulting of course in different passwords because of different characters in the site name. But this input always is a responsability of the user (who has to keep in mind what he finally accepted as a site name - or he has to use the connected mode), regardless of the LessPass-version. So if there is a V3 where the only change is the handling of the sitename (reducing Or vice versa - in such a V3 the user could manually extend So there would be no need to recreate the passwords only due to this change (handling of the site name) ... or am I missing something? Thank you. |
User use web extension site autofill feature and don't modify the site. If we modify the autofill feature to use fqdn it will break user generated password. V3 for only subdomain is not enough. New version every 6 months is not good for LessPass. We are working on LessPass Move and then we will see if we introduce V3. I reopen this one, but we are not going to introduce a new version without LessPass Move. |
@guillaumevincent So people that will not modify their password may keep them and for the others they may use the option to switch to remove subdomain. I think that the best solution for everyone. |
Well, some users do, some users don't, I suppose. I am happy if we don't get a new version (V3) only because of this domain handling issue, so no need to keep this issue open, IMHO. I just wanted to make sure that I had understood that subject correctly. I fully agree that new versions (in whatever frequency) are not good for the LessPass conception. |
I agree and maybe find a way to customize options like using fqdn option |
Hello
I think it's a normal and ideal case, indeed, but during of my use of LessPass during 2 weeks, two of my favorite website change their website domain name (they said So for theses websites I change the password
It can be a good idea. |
@Kcchouette @kidburglar yes it's a good idea we will add option for FQDN feature after LessPass Move |
To sum up option should offer:
|
@edouard-lopez yes, with the third option (FQDN (e.g. accounts.google.com)) as a default option |
This one is hard to maintain because you will need a list of popular TLD |
@guillaumevincent |
@kidburglar unfortunately, this is not so simple. TLD could be complex. There is no easy solution to get only |
@guillaumevincent Edit: I think that it's the stripping subdomain part that it's difficult but when it's done the TLD will not be a real problem. |
As @kidburglar has said, if you have domain and tld (e.g. Edit: the most difficult part is to have the domain and tld (what's in the case of |
My bad @guillaumevincent, this is indeed not a trivial deed to accomplish, I will update. For info check out:
|
@kidburglar there is a ton of strange TLD see list existing TLD The problem is not trivial, if you get
`pvt.k12.ma.us` is a TLD so domain is api
Now domain of
`lib.ny.us` is a TLD so domain is pvt
This is the reason why there is project like https://publicsuffix.org/ |
@guillaumevincent if you can easily maintain if you can say the domain and tld is
Same, if you can say the domain and tld is |
For our purpose we will probably need a list of most used TLD (
|
@Kcchouette I said:
So yes with a valid TLD list it will be easier to get domain name without TLD |
I'm probably a bit confused by what you are saying, so here a sum-up post:
And now, in which case are we talking, the |
I reckon URL parsing problem is out of the scope of LessPass and should be a different project altogether. @Kcchouette feel free to start a project to solve this issue. |
A prominent website is for example So how would that translate into
That does no way look to be easy to do IMHO. I vote for focussing on |
@Kcchouette your solution for only domain doesn't work
There is no easy solution. If we want to offer only domain ( I suggest reopening an issue when we move forward on LessPass Move. |
Hello,
I saw today that on websites lesspass take always the fqdn from URL
I think that in this kind of configuration all the websites under "domain.com" need to have the same password.
I think an option can be enough but the possibility to define her own regex can be nice too.
Cheers.
The text was updated successfully, but these errors were encountered: