lukestiles
commented
2 years ago Putting keys in the copy-paste buffer is generally not secure.
Closed Fang- closed 2 years ago
lukestiles
commented
2 years ago Putting keys in the copy-paste buffer is generally not secure.
Fang-
commented
2 years ago Unless we tell users to do a much more complicated "copy the keyfile into clay" flow, they are going to have to put the keys into clipboard at some point to do the required |rekey command.
In other words, I don't think we stand to lose any security here, we only stand to gain convenience. (I guess displaying the key on-screen is slightly less secure? But again, it will be on screen at some point...)
(We could do tricks like wiping the clipboard when bridge/this screen regains focus, to gain a little bit of security, but that's probably pretty hit-or-miss.)
We should inline the keyfile_contents for ease of use. Keeping the download option alongside it is righteous, we do not know whether the user needs that instead or not.
Perhaps the "download keyfile" button on the OS overview page should allow selecting an alternative option, to "copy command", to match this. More questionable though.