keepassxreboot / keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
https://keepassxc.org/

Add a [Save & Copy] Button to the Password Generator - Autosave of new passwords #8415

Open chriswayg opened 2 years ago

chriswayg commented 2 years ago

Summary

To prevent losing passwords, I suggest a [Save & Copy] button for the KeePassXC Password Generator. Once the user presses the button, KeePassXC will create a new credential item with the password and a Title of, for example, "Password-22-08-28-PM08:20".

In case this is used from the KeePassXC-Browser extension, I would propose [Save & Copy & Apply] as the functionality of the button. The new credential that would be saved in that way could get the title from the domain name of the current page, such as "Oracle-22-08-28-PM08:20".

The automatically saved credentials, containing only a password, could be saved in a special group such as “New Passwords”.

The button could be additional to the current Copy/Apply buttons or using the current buttons with password autosave as an optional feature. The time-stamp is not really needed in the title, but would help in case multiple attempts at a password change lead to uncertainty about which password is the active one.

Examples

Here is an example from 1Password, which has been our previous password manager for 8 years:

[Screenshot: Screen Shot 2022-08-28 at 8 32 40 PM]

Context

As mentioned in another feature request, it is very easy to lose a newly generated KeePassXC password. This is very different from my experience with our previous password manager, where I never lost a Password as each applied password got saved by default. Currently, I need to be extremely careful, as it is easy to lose the password when using the KeePassXC password generator to create a new or updated password. This also applies when it is used together with the KeePassXC Browser extension.

The only drawback is that it could create redundant password-only items which are not used or might be duplicates. This has been my experience in the past years, but I would rather have an additional item, than having to recover a password (or losing a credential) due to a botched registration procedure. I just clean these out when I am sure I can really log in. For those who do not like or need this auto-save feature, it could be made optional in the settings.

michaelk83 commented 2 years ago

This sounds like a complementary workflow for the global password generator, but what you can do for now is first create a new entry, and then use the password generator button from the entry's password field. This has an Apply button that updates the entry (you'll still need to save the entry, though). See also #6323.

droidmonkey commented 2 years ago

I am not a fan of this workflow from the global generator. It is working backwards; as @michaelk83 said, you should be creating an entry first, then using the generator from the entry creation screen to set the password. Likewise, when changing a password, fill the current one in the form, change it, then fill the new one. That's what I do at least.

YellowOnion commented 1 year ago

KeePass UX avoids ephemeral generation; the dialog makes you select settings and then click okay, and it makes a new entry.

The Global generator wouldn't be so bad if it didn't block the UI, or used a longer timeout when copying to clipboard; right now it's somewhat useless without any sort of permanent workflow.

jrabbit commented 1 year ago

This really is an important usability feature. As a user I don't really care what the way I'm "supposed to use" the app is if it lets me do it the "wrong" way.

Jookia commented 4 months ago

> I am not a fan of this workflow from the global generator. It is working backwards; as @michaelk83 said, you should be creating an entry first, then using the generator from the entry creation screen to set the password. Likewise, when changing a password, fill the current one in the form, change it, then fill the new one. That's what I do at least.

Isn't this workflow vulnerable if the service rejects the new password or your browser crashes?