[request] Auto-close entry / Auto-save entry after timeout

Daniel
2013-11-12
2014-10-11
  • Daniel
    Daniel
    2013-11-12

    (preambel, forum search seems to be unavailable at the moment, "[Errno 111] Connection refused" - sorry if this topic should have been discussed before)

    Problem: there are useful options to auto-lock an inactive workspace after a certain time. However, these options are ineffective while an entry dialog is open. In other words: The whole DB remains in unlocked state allover the time if the user forgets to close an entry dialog before. I think this is a severe security risk! (...and I struggled already many times in this trap)

    Proposal: Add the following options on the keepass options dialog, tab 'Security':

    [ ] Auto-close entry after user inactivity (seconds) __
    (x) Auto-confirm modified entry when closing it
    ( ) Cancel modified entry when closing it

    Legend: [ ] demarks a checkbox, ( ) demarks a radio button, __ demarks an entry or spinner field

     
  • Daniel
    Daniel
    2013-11-12

    ...or even simpler (because nobody wants to auto-cancel a modified entry:

    [ ] Auto-close and confirm an open entry dialog after user inactivity (seconds) _

    This request affects KeePass 2.x

     
    Last edit: Daniel 2013-11-12
  • wellread1
    wellread1
    2013-11-12

    See the technical FAQ: Why doesn't KeePass lock when Windows locks and a KeePass sub-dialog is open? for why this won't be implemented. There are three alternatives that I can think of:

    1. Set Windows to lock after a period of inactivity.
    2. Adjust your KeePass work habits. It is possible to use KeePass so that the Add/Edit sub-dialogs are only open when you must add or edit entries. Such changes should be made only when you have sufficient time to complete the add or edit operation.
    3. Build a plugin to implement your preferred work flow.

    Edit: fixed incorrect link to FAQ

     
    Last edit: wellread1 2013-11-12
  • Paul
    Paul
    2013-11-12

    Which means the KeePass behaviour is not going to change, despite numerous requests.

    cheers, Paul

     
  • BrianS
    BrianS
    2013-11-14

    I was thinking along the same lines. I sometimes leave keypass open and it would be great if keypass would lock itself i.e. force a re-enter the password for the open file) after an inactivity timeout. Yes I'm stupid to walk away from my PC without locking it or having a screen saver kick in etc... but it doesn't mean I should lose my most secret data because of keypass is only paranoid and not super super paranoid about protecting that extremely important data vs I really don't give a fig if someone starts playing around with my unlocked PC. I vote for a 'lock keypass after inactivity timeout' feature.

     
    • MBme
      MBme
      2014-10-11

      This should really be re-examined. The failure to lock after while a dialog is open is a huge security hole, defeating everything else in the program.

       
  • wellread1
    wellread1
    2014-10-11

    An alternative view is that the behavior is simple program behavior that reflects best practice. Editing an entry should not be viewed as a casual activity that can be interrupted. KeePass allows the user to abort the edit, or complete the edit. Intermediate behavior creates a more complicated decision tree that is more error prone.

     
  • wellread1
    wellread1
    2014-10-11

    If you would like the ability to edit at will without inhibiting the KeePass locking routine, the KPEnhancedEntryView plugin offers an excellent solution for most entry editing tasks. I use this plugin and like it quite a lot.