Closed hgGeorg closed 9 years ago
jessepollak
commented
9 years ago Hi! Thanks for taking the time to open an issue! When a user logs in with Clef, all the passwords are decrypted and when they log out they are re-encrypted. In the interim—when a user is on the computer with Clef active—users can view, edit, and delete the saved credentials. This is the expected behavior, let me know if you have any other questions!
hgGeorg
commented
9 years ago The thing is: If they don't log out, ALL their saved password are visible in plaintext. One error can compromise ALL your passwords. It is worse than any browser built-in password management system. Chrome for example requires a password before showing any saved passwords as plain text.
There are no other password management system I know of that will expose ALL your password if you simply leave your computer for a small break without logging out.
Please rethink whether this behavior is secure enough. Do you really expect your users to log out every time they take a coffee or bathroom break?
josephwegner
commented
9 years ago FWIW, I use 1Password as well, and that also allows passwords in plaintext for a defined amount of time, without requiring a password. Similar to Clef, the timeout is configurable.
It is possible to retrieve every set password by going into the 'Waltz Management' page, press the 'decrypt' and 'show' buttons.
The only requirement is being logged in in clef(/waltz?). If the user has multiple sites saved in waltz chances of being logged in is very high. Leaving the computer unattended and unlocked for even a short amount of time has the risk of having every password stolen.
The current situation requires the user to either lock the computer or log out of clef completely.
My suggestion would be to either:
PS: Leaving the computer unlocked is a user error and it's completely the users fault. But I don't think waltz should increase the damage such error would cause by exposing every password.