I would like to know if it's possible to disable the [...] button which allow to see the password. Because I tried to enable the option "Disable unsafe actions" and the Mini-mode, but the button is still there.
I'm using Keepass 1.
Thank you for helping.
Regards.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi Thomas,
I assume that you would like to disable the '... ' for security purposes. But if somebody gets hold of you open Database , he will also know how to enable the '... '
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Why not make it a policy then? I actually would like this option too. To re-enable a policy, like checking save database, requires restarting KeePass. They still would need the master password to get back in to see the changes.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The [...] button is useful to hide passwords from somebody looking over your shoulder into your open database.
Otherwise it does not hide anything. Go to Export and export your Database to any place and see how long that takes. If a crook has access to your open database he'll have your entire database in a matter of seconds.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Export is a policy you can disable so it wouldn't do a "crook" any good unless they change the policy and restart KeePass (for it to take affect). And then they will need to know the master password first. On my laptop I have every policy from save and export disabled so that the only thing I can do is browse the DB, use auto-type and open it the DB from a webserver.
Since I don't need to unmask the password (since I can't change or add entries and save them) this would be a good policy to have. I don't think its something direly needed, but more of another nice feature to have. If I step away to run to the bathroom someone can't click on .... and see the password real quick. (of course I would lock it, but its the principle here)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi DNic,
I you "step away to run to the bathroom" and leave your open Database, a 'good friend' can come by and drag n drop your Title,User Name, Password and URL into an address line of any browser. He than can scoop it up and place it somewhere in his USB. In a matter of a couple of minutes he can have a few dozen entries.
And yes, the hidden passwords will be unhidden
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Yes I understand this......but this is assuming the person knows how to use KeePass. I can tell you the majority of people (that I know) won't know that they can drag it over and have it exposed in the URL filed. However they will more likely know that clicking on the ... to expose the password.
I'm not saying this is foolproof, but like the OP was getting at I think it would be a great addition for a policy.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I would like to know if it's possible to disable the [...] button which allow to see the password. Because I tried to enable the option "Disable unsafe actions" and the Mini-mode, but the button is still there.
I'm using Keepass 1.
Thank you for helping.
Regards.
Hi Thomas,
I assume that you would like to disable the '... ' for security purposes. But if somebody gets hold of you open Database , he will also know how to enable the '... '
Why not make it a policy then? I actually would like this option too. To re-enable a policy, like checking save database, requires restarting KeePass. They still would need the master password to get back in to see the changes.
No point in having this as an option. If bad guys can open your database they have all your passwords.
cheers, Paul
Ok, I just wanted to hide this dangerous button (for security).
I hope that we can disable it in a future version.
The [...] button is useful to hide passwords from somebody looking over your shoulder into your open database.
Otherwise it does not hide anything. Go to Export and export your Database to any place and see how long that takes. If a crook has access to your open database he'll have your entire database in a matter of seconds.
Export is a policy you can disable so it wouldn't do a "crook" any good unless they change the policy and restart KeePass (for it to take affect). And then they will need to know the master password first. On my laptop I have every policy from save and export disabled so that the only thing I can do is browse the DB, use auto-type and open it the DB from a webserver.
Since I don't need to unmask the password (since I can't change or add entries and save them) this would be a good policy to have. I don't think its something direly needed, but more of another nice feature to have. If I step away to run to the bathroom someone can't click on .... and see the password real quick. (of course I would lock it, but its the principle here)
Hi DNic,
I you "step away to run to the bathroom" and leave your open Database, a 'good friend' can come by and drag n drop your Title,User Name, Password and URL into an address line of any browser. He than can scoop it up and place it somewhere in his USB. In a matter of a couple of minutes he can have a few dozen entries.
And yes, the hidden passwords will be unhidden
Yes I understand this......but this is assuming the person knows how to use KeePass. I can tell you the majority of people (that I know) won't know that they can drag it over and have it exposed in the URL filed. However they will more likely know that clicking on the ... to expose the password.
I'm not saying this is foolproof, but like the OP was getting at I think it would be a great addition for a policy.