Open tinchodias opened 3 weeks ago
you ask how to hide the text of the password ?
Not hide but replace by an asterisk each character.
El vie, 13 sept 2024 a la(s) 9:58 a.m., Alain Plantec ( @.***) escribió:
you ask how to hide the text of the password ?
— Reply to this email directly, view it on GitHub https://github.com/pharo-graphics/Toplo/issues/202#issuecomment-2348901486, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXHHKLRINZ6GRAZP3ERJPLZWLOPBAVCNFSM6AAAAABOEEEUU6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGNBYHEYDCNBYGY . You are receiving this because you authored the thread.Message ID: @.***>
maybe there is a font for that
If you only change the font, could you copy/paste the password ? If yes, would it make it a security issue ?
Both are good points :)
For Morphic backend, that is always a reference implementation, it is a font. See RubTextFieldMorph>>#beEncrypted
:
beEncrypted
encrypted := true.
self textMorph font: (StrikeFont passwordFontSize: self theme textFont pointSize)
where that font is:
I don't know of an existing analogous way to do it for Bloc.
In Morphic, you CAN copy to clipboard (and paste the entered string).
You can test it with:
m := SpRubTextFieldMorph new.
m encrypted: true.
m openInWindow.
and wrapped in Spec:
text := SpTextInputFieldPresenter new.
text bePassword.
text open.
As a reference in HTML, I tested the password input field in this webpage:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/password
on a Macbook, in Chrome, Firefox and Safari. In all cases, the CMD+c was ignored.
This should be possible to implement. In Morphic, by avoiding the execution of RubTextEditor>>#copySelection
when the shortcut is pressed, or when menu item pressed on context menu.
security ? ok disabling the shortcut can be done easily and it is mandatory to do it for a password textfield. but it will very easy to hack any image with a script that catch the passwd textfield content ☺️
Ok! I'd be nice to disable the copy shortcut (not paste!). In an image with IDE tools disabled, the password will be safe from user point of view.
El sáb, 28 sept 2024 a la(s) 6:06 a.m., Alain Plantec ( @.***) escribió:
security ? ok disabling the shortcut can be done easily and it is mandatory to do it for a password textfield. but it will very easy to hack any image with a script that catch the passwd textfield content ☺️
— Reply to this email directly, view it on GitHub https://github.com/pharo-graphics/Toplo/issues/202#issuecomment-2380575336, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXHHKNRMHZWQVVZ6UDGPUDZYZWRXAVCNFSM6AAAAABOEEEUU6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOBQGU3TKMZTGY . You are receiving this because you authored the thread.Message ID: @.***>
@plantec how do you recommend implementing it?