Handle entries without password
See original GitHub issueGeneral information
- Operating system + version: Ubuntu 18.04
- Browser + version: Firefox 72
- Information about the host app:
- How did you install it? downloaded a pre-built binary
- If installed an official release, put a version (
$ browserpass --version
): 3.0.6
- Information about the browser extension:
- How did you install it? firefox webstore
- Browserpass extension version as reported by your browser: 3.4.1
Exact steps to reproduce the problem
-
Create a pass entry without content or with content
Password:
-
Fill the entry on the detected url login field
What should happen?
I would expect browserpass to insert the username and leave the password field empty, maybe even focus the password field so that i can manually fill it.
The user story behind this feature is maybe the fact that this is not “your” password and you are therefore not allowed to store the password or you do not want to store the password personally.
What happened instead?
You have to differentiate the empty entry from the empty password line:
- Entirely empty pass entry:
- Automatic fill without opening the UI fills the username from the entry file name and the focus stays on the username input field.
- Filling from the Popup-UI (with mouse or keyboard) fills the username, but focus stays on the extension popup with a red error message
Error: Error: value is undefined
- Having a line
Password:\n
with or without a username line fills the string ‘Password’ into the password input field
Issue Analytics
- State:
- Created 4 years ago
- Comments:6 (1 by maintainers)
Top Results From Across the Web
How To Manage Stored User Names and Passwords on a ...
This article describes how to manage stored user names and passwords on a computer that is not a member of a domain. When...
Read more >Password-protected trust store created with keytool displays ...
keytool provides a warning, but lists no entries. Now if I generate a trust store and import the certificate the same way with...
Read more >The keytool Command - Oracle Help Center
If the source entry is protected by a password, then -srcstorepass is used to recover the entry. If -srcstorepass is not provided or...
Read more >Secure Password Handling in Python | Personal Website & Blog
To create and retrieve an entry, we can just use set_password and get_password respectively. In addition to that, also get_credential can be ...
Read more >Manage passwords using keychains on Mac - Apple Support
On your Mac, digital keychains can help you keep track of and protect passwords, account numbers, and other confidential information.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I share the same opinion, we can make it so that an empty file / empty first line /
password:\n
do not generate errors, but setting the focus inside password field and prompting the user to fill it seems not only niche but also against the whole idea that we don’t want to encourage people to fill out passwords manually to prevent phishing attacks.@erayd @maximbaz Don’t get me wrong, I’m totally fine with the solution and I don’t want any keepass clone, otherwise I would not be here wit pass and browserpass.
I reevaluated the behavior I was used to with tusk (browser extension for keepass files) and found out that focus on the password field is the default behavior for all entries and you can submit from there by pressing enter. This mimes the user input best in my opinion but I totally do not require this behavior.
Anyway, thanks for your responses and I want to contribute in the future, I’m just too busy at the moment so I won’t create a PR for the error handling.