Open ghost opened 4 years ago
WuphonsReach
commented
4 years ago If the master password could be supplied on the command line
Generally not recommended as other users on the machine can use the process list to see command-line arguments.
ghost
commented
4 years ago With the KeyPassXC solution the password does not appear on the command line. It is piped via stdin.
DaffyDuke
commented
4 years ago Hi, it would be great feature ! I love using keepasscli | secret-tool | gpg to search for password from commandline, I cloud not live without it :-) A way to migrate to Lockwise, for me, is cli tool, yes.
Neither Firefox nor Thunderbird provide a convenient way any more to store password in the system keyring, which can be automatically unlocked at login (I use Gnome keyring on Xubuntu). It was possible before with add-ons, which unfortunately are not supported any more in either Firefox or Thunderbird. It was a reason for me to drop Firefox in favour of Chromium in the past.
For me it is a crucial usability requirement to have to enter my password only once (at login or to unlock a locked session), and then no more, and still have all passwords stored only encrypted on disk. Surely I do not want to enter a password again for Firefox, and then again for Thunderbird, and maybe again if I close any of those programs.
If the master password could be supplied on the command line to Firefox and Thunderbird, then this behaviour can be implemented with relative ease (as possible for the identical use case with KeePassXC, see https://github.com/keepassxreboot/keepassxc/issues/1267#issuecomment-398033268).
Native support by Lockwise of system keyrings (which is relatively simple via libsecret) would be much preferred to this, of course. It is somewhat hard to understand why such a key security feature is not implemented from the beginning - noting that usability pretty much equates to security, and now for sure loads of users don't use any password encryption due to the inconvenience just described.