Prevent loosing valuable passwords about password-manager HOT 19 CLOSED

This is why alert should not be disabled.

On Friday, 17 June 2016, Nick [email protected] wrote:

I really suggest that the password generation button is only visible if
the password field is empty.
It's too easy to accidentially press the button.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
#60, or mute the
thread
https://github.com/notifications/unsubscribe/AEbvNElUw_S2QcCBLHF6TlIRtiL3NIftks5qMyztgaJpZM4I4zjB
.

from password-manager.

I'll working to implement an optional logging system. All deletion/refreshing will be logged.

from password-manager.

Well, then I know I made a mistake :)
But how can I revert what I've done?

from password-manager.

As I said, I'll implement logging feature. So you can find your old password from log

from password-manager.

Ah ok. So but then you'd also have to encrypt the log, right?

from password-manager.

LOG can't be encrypted. Or if you change password, it will have problem.
But why I can't log old password without encryption?

On Saturday, 18 June 2016, Nick [email protected] wrote:

Ah ok. So but then you'd also have to encrypt the log, right?

—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
#60 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AEbvNGjR5GSCNFKJcuw9LJgJ-_h0hZcuks5qNHQ_gaJpZM4I4zjB
.

from password-manager.

That's simple. Because as an administrator I can tell that most users change passwords to be similar to the old one. So I wouldn't want anyone to see old passwords.

But why don't you just show a warning message before changing an existing password and make sure the user did want to change the existing one?

from password-manager.

This is what the software like currently right?

On Saturday, 18 June 2016, Nick [email protected] wrote:

That's simple. Because as an administrator I can tell that most users
change passwords to be similar to the old one. So I wouldn't want anyone to
see old passwords.

But why don't you just show a warning message before changing an existing
password and make sure the user did want to change the existing one?

—
You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub
#60 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AEbvNDIHgdopj5olxEf5HLFKcg3J4xFAks5qNHtDgaJpZM4I4zjB
.

from password-manager.

When I change the password right now, there's no warning message whatsoever. That's why I asked for a warning in the first place. So you say there should be a message?

from password-manager.

I remember there was one. Unless @BenjaminHae deleted the alert…

from password-manager.

Mh, could be that I deleted it as you could always dismiss the changes. I've got a nice idea that won't disturb users who now what they are doing and helps inexperienced users.

The idea is to show a popover under the eye button when the user clicks the refresh password button. The popover reads "click here to get your old password back".

from password-manager.

What about this:
If there's a password set, then just ask the user to manually delete the password field before generating a new one.

This will prevent a simple override. It's easy to delete the field content by hand and you have to willingly do it. And when it's empty you just press generate

from password-manager.

I think a new user will learn after he presses the regenerate button the first time.
For a "poweruser" first deleting everything will add a lot of hassle.

Especially if you're not happy with the autogenerated password. You'd have to delete everything until you'd get a good one.

from password-manager.

The thing is: I observed our secretary adding several accounts. Every once in a while she (for whatever reason) pressed the gen button. And then with a "whoops" closed the window. But instead of discarding she saved. I can assure you that this seemeingly stupid behaviour is absolutely standard. I know because I'm in this business for 25 years now. Users do everything wrong that is possible and you have to prevent them from doing wrong in the first place.

from password-manager.

I believe #62 fixed this. So I'll close this issue.

from password-manager.

from password-manager.

Alright.

On Sunday, 26 June 2016, Nick [email protected] wrote:

Then I'd definetely prefer to disable logging!!!

—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
#60 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AEbvNJ-OiX-31djq-3ylqyy22gKYGSx8ks5qPta7gaJpZM4I4zjB
.

from password-manager.

from password-manager.

Currently there's no log feature

On Sunday, 26 June 2016, Nick [email protected] wrote:

Is there an option for this? (Disabling log)

—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
#60 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AEbvNA6_66BrHUCv97K3E3UnFPzrZ0PGks5qPtfPgaJpZM4I4zjB
.

from password-manager.