nextcloud / passman

🔐 Open source password manager with Nextcloud integration
https://passman.cc
GNU Affero General Public License v3.0

Credential always reports as COMPROMISE #599

Closed bsherwoodofdaptiv closed 5 years ago

bsherwoodofdaptiv commented 5 years ago

Bug report

Steps to reproduce

  1. Log into Nextcloud
  2. Open Passman App
  3. Unlock vault
  4. Edit a credential

Expected behaviour

Passman should show the record editor with no 'compromise' display

Actual behaviour

Editor shows the record with a bright red 'Compromise!' button-shaped warning. If you save the record without changing the password, the record shows up in the credentials list in bright red.

This occurs on records that just had a password generated from the complex auto generator. It occurs on records that have been confirmed on HaveIBeenPwned website as not compromised.

Configuration

Operating system:
Linux

Browser:
Firefox 67

Extensions that might cause interference:
N/A

Passman version:
2.3.1

Operating system:

Web server: Nextcloud (SNAP) - version 15

Database:

PHP version:

cloud server: Nextcloud

cloud version: 15

newhinton commented 5 years ago

This is working as intended. You are seeing a button which you can use to mark a credential as compromised. We do not use Have I Been Pwned.

bsherwoodofdaptiv commented 5 years ago

Highly confusing. Bright color hides that it might be a button (at least as rendered in Firefox on Windows).

I'll see if I can get AdBlock to hide the element as it is of no use. The password database is not shared. You cannot save the record a second time without changing the password it contains after tagging it without being forced to change the password. If I know the password is compromised, and I am in the editor, why would I not change it at the time I am in the editor?

In any case it was a design decision and not a bug or unexpected feature. User is responsible to block the visual element on their own.

mdik commented 5 years ago

This is definitely a UX bug. Please re-open (and fix while you're at it?).

I'd propose making the button the usual button colors (dark-grey font on light-grey background), and changing the text to "Mark password as compromised".

newhinton commented 5 years ago

I agree on the change of the text (which is already changed), but I think it should stay different from normal buttons like save or cancel.

I will test different styles to see if there is something better for that.

Any suggestions for that?

mdik commented 5 years ago

Cool! Thank you!

Maybe white background with red/light-red border color, and dark-grey font color?

volker67 commented 5 years ago

I also discovered that behavior and found it very strange ... left me back with a shock, being hacked? Please change that back?

pieveee commented 5 years ago

I was confused too by this button. My suggestion: Add an info icon next to the 'Compromise!' button with an info text like "Mark this credential as compromised" or so.

mehturt commented 5 years ago

Confused me as well.

paulcalabro commented 5 years ago

I found this confusing as well.

synthead commented 5 years ago

Ditto, this is confusing :wink:

How about something more descriptive, like this? [image]

And maybe indicate that the password is the problem, like this? [image]

DailenG commented 4 years ago

A reasonable workaround I utilized was to enable the Custom CSS app, under Theming Settings, and set the CSS to this to hide the button:

```css
.compromised-button {
  display: none;
}
```

Or just change the red to transparent:

```css
.compromised-button {
  background-color: transparent;
}
```