Password fields

[joeworkman]

It would be nice to have the ability to have a field that the values are not readable inside the settings.

If we could somehow encode that all the better. But at least hiding it from public view in the settings is a start.

[yourhead]

passwords require a few bit:

1. The field itself is a different class NSSecureTextField. Along with the obvious bullets-instead-of-text visible changes -- there are a lot of behind the scenes changes that ensure the password you type isn't easily accessible in memory.

2. Storing the password means writing it out the macOS Keychain. that's pretty easy -- but it does mean that there's a bit more UI and interaction compared to plain vanilla text field.

3. And the last bit is the sort of challenging part -- when the password gets used by the app -- it shouldn't be left hanging around in memory or easily available in some property or parameter. I'm not quite sure how I can easily pass this off to a stack. What would the stack do with that password??? Pretty much everything that a stack can do is insecure.

So... Question back to you: if I gave you a password field -- what would you do with that?

[joeworkman]

I have a few password protection stacks such as PageSafe. I know that you are passionate about giving the user the wrong impression that the password is secure when its inserted as plain text into a PHP file (every use case that I have right now).

Yes. The password is in plain text inside of a PHP file. However, its not publicly accessible. Almost every single web app/framework out there stores database configuration and passwords inside PHP or whatever language files the framework is using. The only way to access these values is if you have access to the server itself. I am happy with that level of security, especially for things like passcodes for logging into an admin page.

[joeworkman]

What if we just had an option for a text field that had the option to show/hide actual content of the setting. Maybe with an fa-eye icon or something similar.

[yourhead]

like i told Bill in Slack. Pretend security is an app store rejectable offense. and with good reason.

Maybe you can tell, but I think is just a very bad idea as you’ve described it. I’d really like to help solve the problem in the right way. The right way would be to collect secure info and transmit it to somewhere in an end to end secure way. I can do that, but you’re going to have to give me lots more details about the specific application.

[joeworkman]

I can totally see where you are coming from. The simplest use case is the ability to store a login password. On the server I store the passcode inside PHP file. I then verify that the passcode is the same as the one entered into the login form.

• the php file that stores the password is an each scoped file template.
• the verification happens over an AJAX request.
• I do not send the password over plan text in the AJAX request. I add some salt to the string, then base64 encode it. I do the same on the server side and then compare the base64 encoded strings.

Passwords could be an interesting use case for PHP preprocessor #783. We could use PHP to obfuscate the password so that it is not plain text in the PHP file.