[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-usability
Subject: Re: Allowing No Hide mode in passwords
From: bj () altern ! org
Date: 2004-01-20 16:18:19
Message-ID: 200401201618.28419.bj () altern ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
> Just one thought... what about not doing it at at all?
> - Is that feature that important?
> - No matter how it is done, this is about allowing passwords to be shown.
> It's reducing at two levels:
> 1 - Implementation, bugs might lead to exploits to steal password
> 2 - The feature itself might end up beeing used somehow to steal passwords
> I really don't think it is worth increasing security risks...
>
> If you really wanna see it, type it somewhere (kwrite, knotes...) and paste
> it to the pass prompt...
Well, I think it is the worst thing to do, because if you copy & paste your
password, it will stay in the clipboard history (klipper)...
I am myself not really sure we should implement this feature, but having used
it for a few days, I think it is quite convenient (I work alone, there is no
one wandering around trying to steal my password ). However, I am fully aware
of the security issues and will not ask for implementation unless there is a
satisfying solution.
[Attachment #5 (application/pgp-signature)]
_______________________________________________
kde-usability mailing list
kde-usability@kde.org
https://mail.kde.org/mailman/listinfo/kde-usability
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic