#1637 Default Global auto-type setting can be dangerous

KeePass
closed
nobody
5
2012-12-14
2012-09-10
No

I just installed KeePass for the first time and ran into something that was a bit scary. While testing the Global auto-type feature, I was surprised that KeePass entered my Google account login information into a 3rd party site. After looking at it a little I realized that my Account in KeePass was named "Google" and the Chrome browser window title for the 3rd party site was: XXXXX- Google Chrome.

I know this can be fixed by disabling the setting in Options to match if contained. Still, it would be good if that were disabled as the default. Either that or maybe have a confirmation window saying which account will be entered.

Other than that, so far I think KeePass is Great

Discussion

  • Paul

    Paul - 2012-09-11

    Change your KeePass entry Title to match the Google login page "Google Accounts", or add a Target Window of "Google Accounts*".

    cheers, Paul

     
  • Dominik Reichl

    Dominik Reichl - 2012-09-30
    • status: open --> closed
     
  • Dominik Reichl

    Dominik Reichl - 2012-09-30

    Although mismatches can occur rarely, I believe this option highly increases usability and thus will continue to be enabled by default.

    Best regards
    Dominik

     

Log in to post a comment.