Open WNYmathGuy opened 4 years ago
gelbphoenix
commented
1 month ago Short comment for Scenario 2: You can import an Chrome/Google Passwords CSV in your Nextcloud. After you imported that the plugins and apps should have also the passwords from your Nextcloud.
marius-wieschollek
commented
1 month ago How to import your passwords from Google Chrome
The entire scenario is void as you don't need to do anything that is described in there. If the extension does not automatically suggest the password you want on the site, just use the search function and then click on it. The extension will remember and suggest it next time. If you want autofill, enable it in the settings.
gelbphoenix
commented
1 month ago Besides all of that have the Browser extensions and the iOS app already password generation. I don't know if it is logical (with mentioned point) to have a password generator in the web interface but that's a point for @marius-wieschollek.
marius-wieschollek
commented
1 month ago The browser extension itself also has the same password generator as the Nextcloud app in the last tab. The other apps aren't from me, that's not part of this ticket. I don't really see the benefit of having a dedicated "Create password" button in the web interface.
Current Status
Scenario 1 When I am on a new site and I want a good password generated by the Nextcloud App, I have to start the creation of a new stored password in order to get some random generation. (sure their's other ways, but you are already making it available) It feels like a heavy lift because if I just typed in something off the top of my head, in almost all cases your browser plugin would see the new password and offer to store it, but instead, since I already have the creation started, I finish building it outside of that nice automation.
Scenario 2 Also, as I get rid of old Google stored passwords, using the prepopulated fields from Google isn't detected by the Nextcloud password browser plugin. So normally I have to go into the NC App to build a password for the site as I copy the parts from the Google stored passwords. Then I have to use the browser dialogue to delete the Google password for it to sync delete.
Scenario 3 Altering passwords is a tiny chore. Many sites that force a password change have the change done by entering the existing password, then entering and reentering a new password. I have to go into the NC App edit the existing stored item, generate a new password, copy that and go back to the site to make the change, then if it worked, flip back to the NC App and save the change there also.
Feature Description
In the mobile device app and the browser plugin's give access to the tool that generates a password with the same options. (maybe add a char length option) Sometimes when I want crazy security I'll copy the current generated characters, generate a new one, paste the first set on the second one, and so on to get a desired big length over 12 and under the limit of the site I'm making a password on.
So if there was another tab in the plugin/mobile device app for generating a random string
{current site key, search for a key, settings, generate random chars}, it would be really convenient. This type of handy tool would solve both the Scenario 1 & 3. A random password generated without attachment to anything but the device Ctrl-C blotter would be very handy. For a new account on some site, just get the type of rando you need and let the system do what it's supposed to. Changing a password, no problem, sign in and use the system to put the existing password in, then generate a new one with the plugin, and later when you log in with the new password, the system will ask to update it.About Scenario 2, I'm not sure what to say, but it seems like when that google password manager populates the content into the field, it's available to be read, but I'm totally ignorant about this area of programming and content security. It would be really cool if there was a way to export Google stored ones, and translate that format to import it into the NC App. Then I could click delete all Google Passwords.
Additional context
I love this app. Passwords stored in the Chrome browser is probably the strongest reason keeping me using that browser. I would love to finally be free of it.