subdavis / Tusk

🐘 🔒 KeePass-compatible browser extension for filling passwords.
https://subdavis.com/Tusk

Tusk remembers keyfile for database #128

Closed matthewmcpartland closed 6 years ago

matthewmcpartland commented 6 years ago

This issue is a

Please describe the current behavior, and explain why it's bad.

Currently Tusk remembers which keyfile was previously used for each database, rather than only remembering the keyfile while Tusk remembers your password.

Please describe how you think it should change.

This could be a security issue by giving away which file is used as a keyfile. When using CKP each time you had to type in your password you would have to select your keyfile from the list of keyfiles. I think giving an option to mimic this behavior would be nice so that whenever I type in my password I also have to select the keyfile.

Anything else?

Maybe also consider the option to always make the user select their keyfile, making the remember password for X hours a little more secure, since Tusk could remember the password but force the user to select their keyfile from the list.

subdavis commented 6 years ago

Hey there. Thanks for the feature request.

This could be a security issue by giving away which file is used as a keyfile.

"Forgetting" which keyfile is used for any particular database would be pretty pointless, since you have to load your keyfile into Tusk's storage area. While it may feel more secure to have to select your keyfile, the reality is that your keyfiles are already loaded in Tusk. Even if you have ten or twenty, it would be trivial for a hacker with your password to try all of them.

Basically, having the user select their keyfile would add no security to Tusk. If it isn't clear why, it's possible this should be converted into a bug report about the explanation of the keyfile settings tab not being clear enough.

Does that make sense, and do you have any further thoughts?

matthewmcpartland commented 6 years ago

I guess maybe it's different for my setup. It's true that if Tusk is remembering the password then they can just try multiple files until it works. But when Tusk forgets my password, then it gives away which keyfile is mine, which isn't really obvious by looking at my keyfiles. CKP by default makes me reselect my keyfile once it forgets the password. Keepass2android and Keepass.exe both have options to forget the keyfile.

I completely agree that there is no added security by making the user select the keyfile while remembering the password; ignore the "anything else" section of my feature request.

subdavis commented 6 years ago

I disagree with this as a feature, simply because there is no way to forget a keyfile once it has been imported into Tusk. The way LevelDB works, I would need to wipe everything.

Also CKP doesn't work the way you think it does. Even if you reselect, the keyfile is right there in your CKP extension's file system space.