IJHack / QtPass

QtPass is a multi-platform GUI for pass, the standard unix password manager.
https://qtpass.org/
GNU General Public License v3.0

password visibility can't be fully hidden #496

Closed Emonshr closed 4 years ago

Emonshr commented 5 years ago

When I double-click the needed account, it just explores/shows the password by checking the "Show Password" box, even if I check the "Hide Password" and "Hide Content" boxes. Isn't it relevant to ask for the passphrase when we need to edit this password?

issue-label-bot[bot] commented 5 years ago

Issue-Label Bot is automatically applying the label bug to this issue, with a confidence of 0.85. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

annejan commented 4 years ago

When a passphrase is asked is up to gpg / gpg-agent.

Would you like to have a feature added that makes showing of the password totally unavailable and just leaves the edit? I don't really see how this should work.

Emonshr commented 4 years ago

Okay, I think it is about security. If anyone can see your password fields without providing any master key/passphrase that is insecure. And then the better approach can be, tell the gpg-agent to send the password field and save the password to a temporary helper process with encryption. If someone can provide the passphrase, then (s)he can get the required password.

annejan commented 4 years ago

This is exactly what happens / how QtPass (and pass) work.

How often a passphrase is required is up to gpg-agent settings.

Plloi commented 4 years ago

If you're not being asked for a password when you open the edit dialog, it's one of two things:

gpg-agent is holding your keyring open -- you can change this behaviour

Emonshr commented 4 years ago

@Plloi Then I'll try to work with this solution. Thank you everyone.

annejan commented 4 years ago

https://wiki.archlinux.org/index.php/GnuPG#Configuration_2

^=- the Arch wiki has a lot of information on configuring GPG agent
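
The replies above say that how often the passphrase is requested is a gpg-agent setting. As an added example (not part of the thread and not QtPass code), this shell sketch reads a `gpg-agent.conf` and reports the passphrase cache lifetime it implies. It assumes GnuPG's documented defaults of 600 s and 7200 s; the function names are hypothetical, and taking the last occurrence of an option and treating a TTL of 0 as "no caching" are this sketch's rules.

```shell
#!/bin/sh
# Added example: summarise the passphrase cache lifetime in a gpg-agent.conf.
# Assumed defaults (from the GnuPG manual): default-cache-ttl 600,
# max-cache-ttl 7200. Function names are hypothetical.

# ttl_setting FILE OPTION DEFAULT -> effective value in seconds.
# Comment lines are skipped; the last numeric occurrence is used
# (an assumption of this sketch). A missing file yields DEFAULT.
ttl_setting() {
    [ -r "$1" ] || { echo "$3"; return 0; }
    awk -v opt="$2" -v dflt="$3" '
        /^[ \t]*#/ { next }
        $1 == opt && $2 ~ /^[0-9]+$/ { val = $2 }
        END { print (val == "" ? dflt : val) }
    ' "$1"
}

# cache_report FILE -> one line describing when the passphrase is asked again.
cache_report() {
    idle=$(ttl_setting "$1" default-cache-ttl 600)
    total=$(ttl_setting "$1" max-cache-ttl 7200)
    if [ "$idle" -eq 0 ] || [ "$total" -eq 0 ]; then
        echo "caching disabled: passphrase requested on every use"
    else
        echo "cached: ${idle}s after last use, ${total}s at most"
    fi
}

# Report on the current user's configuration (defaults if the file is absent).
cache_report "${GNUPGHOME:-$HOME/.gnupg}/gpg-agent.conf"

# To be asked for the passphrase on every decrypt, the configuration file
# would contain:
#   default-cache-ttl 0
#   max-cache-ttl 0
# followed by a reload of the running agent:
#   gpg-connect-agent reloadagent /bye
```

Pinentry programs that store the passphrase in a desktop keyring are outside what this check sees.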