I have no idea what these buttons mean. When I want to generate a new key, do I have to press "generate key" first, then "save key" and before everything maybe select my key size first?
Secondly after doing so (which I assume, is the right process, but not everyone may think so and e.g. only press on "generate key" or so) the key-size option jumps back to "2048bit", so it seems there is no "status", which shows me how long the key, which is shown there in plain-text actually is.
Maybe this also confused me in https://github.com/nextcloud/passman/issues/311#issuecomment-307336281
Thirdly you maybe do not want to show the private key at all, if users do not need to copy it. Actually an attacker could trick less technical users to copy this private key with some social engineering. There is no warning and users not knowing RSA/the concept of public key crypto, do not now that this may leak all their password (or, doe snot it do so?).
Maybe on button "regenerate key", which automatically saves the key would be enough?
In the password settings:
First, maybe you should change the text to "password generation" or "default password settings" as it of course does not affect already saved passwords.
Secondly here is a save button, whereas in all other panes (except the one described before) there is no such button.
In NextCloud it actually seems to be the default to save changes instantly without clicking any button and maybe only notify the user that it has been saved/was changed/etc. You seem to do it quite differently here, which is not good IMHO.
Okay, maybe it is good when seeing things like password changing (which should not be done automatically), but it is still quite strange. Maybe better make a general save button, which saves all changes in all settings tabs.
---
Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/46056967-settings-ux-sometimes-strange-or-even-dangerous?utm_campaign=plugin&utm_content=tracker%2F44880056&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F44880056&utm_medium=issues&utm_source=github).
Just some screenshots for inspiration:
In the share menu:
I have no idea what these buttons mean. When I want to generate a new key, do I have to press "generate key" first, then "save key" and before everything maybe select my key size first? Secondly after doing so (which I assume, is the right process, but not everyone may think so and e.g. only press on "generate key" or so) the key-size option jumps back to "2048bit", so it seems there is no "status", which shows me how long the key, which is shown there in plain-text actually is. Maybe this also confused me in https://github.com/nextcloud/passman/issues/311#issuecomment-307336281
Thirdly you maybe do not want to show the private key at all, if users do not need to copy it. Actually an attacker could trick less technical users to copy this private key with some social engineering. There is no warning and users not knowing RSA/the concept of public key crypto, do not now that this may leak all their password (or, doe snot it do so?).
Maybe on button "regenerate key", which automatically saves the key would be enough?
In the password settings:
First, maybe you should change the text to "password generation" or "default password settings" as it of course does not affect already saved passwords. Secondly here is a save button, whereas in all other panes (except the one described before) there is no such button.
In NextCloud it actually seems to be the default to save changes instantly without clicking any button and maybe only notify the user that it has been saved/was changed/etc. You seem to do it quite differently here, which is not good IMHO.Okay, maybe it is good when seeing things like password changing (which should not be done automatically), but it is still quite strange. Maybe better make a general save button, which saves all changes in all settings tabs.Also this inconsistency: https://github.com/nextcloud/passman/issues/313