Define actual display of passwords "in clear" vs "asterisk" defined as a...

A lightweight and easy-to-use password manager

Brought to you by: dreichl

#2860 Define actual display of passwords "in clear" vs "asterisk" defined as a Database option

Milestone: KeePass

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2024-02-06

Created: 2024-02-05

Creator: Laurent Grenet

Private: No

Keepass provides a security options to allow / disallow clear display of passwords.
But beyond this option, when clear display is allowed, it has to be defined in "Configure columns", or with Ctrl+H shortcut, to actually display them in clear and this choice may be, or not, memorized thanks to the option 'Remember password hiding setting in the main window'.

Since the fact to actually hide or not passwords may be more necessary in some databases (more 'secret') than in others, it would be interesting to define a new option at database level (separate value for each database, saved with the database) on how is the password displayed at database opening.
Most likely, with this new option, the option 'Remember password hiding setting in the main window' wouldn't make any more sense.

Discussion

Paul - 2024-02-05

Personally, I think you should not be allowed to keep passwords visible.
If you can read a password to type it, it is not a very good password.

If you want to read a password, use the KPEnhancedEntryView plug-in with the side by side view and you can view an individual password with one click.

cheers, Paul

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

wellread1 - 2024-02-05

it would be interesting to define a new option at database level (separate value for each database, saved with the database) on how is the password displayed at database opening.

The design decision to make password hiding a workspace setting was made years ago and is unlikely to change. If this is an important need, you can install a second instance of KeePass portable with a default workspace setting to display passwords.

I concur with Paul's opinion that it is rarely necessary to display passwords if you use a password manager, e.g. KeePass. It would be interesting to know the use case that justifies differential password display. Secret vs more secret doesn't seem sufficient.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Laurent Grenet - 2024-02-05

What a democratic and open forum !
All what I wrote answering Paul's post has been suppressed !

In particular the ones in which I explained why it is sometimes mandatory to be able to let the passwords visible.

But it seems that you fear contradiction.... poor of you

Last edit: Laurent Grenet 2024-02-05

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

wellread1 - 2024-02-06

I saw some of your comments relevant to this thread are at https://sourceforge.net/p/keepass/discussion/329221/thread/3475c4d083/?limit=25#29a2. I found nothing persuasive in those posts. The KeePass behavior described in those posts is symptomatic of KeePass reverting to its long time default (secure) setting of hiding passwords. This will happen if KeePass can't access its config file after a non-standard upgrade.

I am aware that some unprofessional posts were stricken from this thread. If left, they may have been deemed prejudicial to the adoption of your feature request.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.