Diffusion GnuPG Password Manager 0498dd686244

Don't show a TOTP secret when selecting a password entry in the main window
0498dd686244
Actions

Description

Don't show a TOTP secret when selecting a password entry in the main window

Knowing the TOTP secret for a password entry allows somebody to recreate
the whole OTP sequence so it definitely shouldn't be displayed in the
clear.

In fact, it shouldn't be displayed at all in the main window since the
proper way to utilize a TOTP entry is to click the "OTP" button to generate
a new OTP (rather than to copy the secret to the clipboard like it was a
password).

The password edit dialog isn't affected by this change and will still show
the whole entry, including its TOTP secret if present.

Details

Provenance

mss	Authored on Sep 28 2019, 12:50 AM

Parents

rGPGPASS3c97670a8847: Emit passShowHandlerFinished signal in MainWindow::passShowHandler()

Branches

Unknown

Tags

Unknown

Event Timeline

Changes (3)

Path

Size

src/

filecontent.cpp

filecontent.h

mainwindow.cpp

rGPGPASS0498dd686244

View Options

src/filecontent.cpp

View Options

src/filecontent.h

View Options

Don't show a TOTP secret when selecting a password entry in the main window0498dd686244Actions

Description

Details

Event Timeline

Changes (3)

rGPGPASS0498dd686244

src/filecontent.cpp

src/filecontent.h

src/mainwindow.cpp

Don't show a TOTP secret when selecting a password entry in the main window
0498dd686244
Actions