keepassxreboot / keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
https://keepassxc.org/

Add option to require Yubikey Press on display of login/password/secure Note etc. to improve exposing whole database. #9283

Closed imperia9 closed 1 year ago

imperia9 commented 1 year ago

Summary

At present, the system allows access to all passwords after logging in. It would be beneficial to security to not expose all "secrets" but require a YubiKey press to expose any secret. This way, if attackers get access, the worst case is they get one password or require a YubiKey press.

Examples

You open the DB, you search for the site, you try to copy the password, and it asks you for a YubiKey press before you are able to copy.

Context

Good prevention from ransomware exporting DB or extracting passwords on unlocked data store.

droidmonkey commented 1 year ago

This would require a complete recode of our program. We are not going to do that and the protection is not worth the significant hit to user experience. If you are worried you can split your higher value entries into a separate database or set a short lockout timer.