[WIP] Passman #1
Comments
|
I'd love to see OTP implemented to unlock all passwords instead of only relying on passwords |
|
OTP is for eg; Google, when you login google asks for the One time password. A 2 factor auth would be nice for passman, but maybe let NC handle that? |
|
I don't think OTP is viable or useful for passman, as the user is already authenticated, and the passwords are encyphered using a master AES key (in the current passman version, i can't think on a way that OTP could make it more secure or to implement it in a way worth the effort that increases the app security |
|
Yeah, you're probably right, the user is already authenticated and as long as he doesn't store his password in localstorage, he should be OK. |
|
as of for the sharing part, documentation on how to gather users and groups data from NextCloud apis would be neat. |
|
Ha, just yesterday I thought "man this app would really deserve an update". |
|
Let's start a discussion, is password sharing really needed? |
|
Bikeshed incoming: no. |
|
IMHO its like asking if a gun should be able to shoot backwards. |
|
hahahaha, true, but it has applications when you need to share some kind of passwords of sites that only allows 1 account to be created between different company members, better than putting them on an excel on a shared network folder would be a good password manager with nice security |
|
@animalillo use a gpg encrypted excel |
|
No, really in general you dont want that situation. If you have that situation I don't think theres anything better than the excel |
|
sure, then nobody would use the password manager, cause they can keep all their passwords in the confortable excel they are allowed to use, copy, travel around and share with anyone anywhere in many ways |
|
Password managers exist because you dont want to use the same password on all services. Nothing more. |
|
The more features you pile on the less secure it becomes. As for sharing passwords with other colleagues: don't do it. |
|
forgot to say "i don't need that password manager thing your IT dep has set up for us, we already have excel and we are already using it for this $shared_passwords" and yeah, password managers are for using diferent passwords everywhere. i don't think sharing passwords is something you should usually do, but some times it's needed, and it's better if it's centralized for a company, that's my opinion |
|
Good luck with that company then :) |
|
it's also more secure, because you know who has access to the passwords and who doesn't. Of course, users are users and users are gonna act in unpredictable ways. |
|
👎 I dont need sharing as well |
|
Well, I would find it useful in a non-enterprise setting. Let's say you have a club, large family, etc.
So to be able to share amongst community members could be useful from my pov. |
|
Updated todo list. |
|
Nice progress :) |
|
Closing, created separate issues for the open tasks. |
So i have passman at brantje/passman that's for ownCloud.
Since passman for NextCloud will be complete rewrite, i decided to strart from scratch, with a new repo.
What is Passman
Passman is a password manager for ownCloud.
It will keep your passwords safe (as long you keep your server safe ;) ).
Features:
Todo
Help / idea's needed for
I wil keep this issue updated when i get new idea's
The text was updated successfully, but these errors were encountered: