Caiyeon
commented
6 years ago This has been suggested before but I decided that it is not within the scope of a UI to attempt to block physical access. Preventing shoulder-surfing may be easy in the secrets page, but sets a horrible precedent that I cannot hope to follow through - there is no way I can consider shoulder-surfing in every frontend page, component, and feature.
Is this a front-end feature or backend? (or both?) Frontend
Description of feature: To prevent shoulder-surfing, obscure secret values with a 'show/hide' button next to them. As a bonus a configuration option (regexp?) could allow specifying what keys are obscured so that keys that are not real secrets can still be visible.
Are you able to submit a pull request for this feature? Unlikely but I will look into it.