#2462 Security - Always hide passwords when a database gets opened

[Petr Bodnár]

Currently, when one toggles the passwords' visiblity (by pressing Ctrl+H -> passwords get shown in plain text instead of asterisks in the list), then exits the program and reopens the database again, the passwords are still shown in plain text.

This could be considered as a security issue. So could you please add an option to "always hide passwords by default", whilst also making this the default behavior?

[Petr Bodnár]

Two months have passed... Shouldn't someone start to care? Moreover when so many people, or at least admins ;), seek for "security for every price" nowadays?

[Paul]

We haven't had a release since May so your request could be in the next version.

cheers, Paul

[Dominik Reichl]

I've now added an option 'Remember password hiding setting in the main window' (in 'Tools' → 'Options' → tab 'Advanced'). The option is turned on by default (i.e. same behavior as KeePass 2.42.1); I think that most users want their view settings to be remembered.

Here's the latest development snapshot for testing:
https://keepass.info/filepool/KeePass_190805.zip

Thanks and best regards,
Dominik

[Paul]

Looks good!

cheers, Paul

[Petr Bodnár]

Hi Dominik, thanks for the extension, it does look functioning. Although my opinion on the setting's default value differs, thank you for having this security option at least. BTW Haven't you thought about moving the now-already-two "Remember password hiding..." options to the 'Security' tab?

Best regards,
Petr

[Dominik Reichl]

Great, thanks for testing it. I think the remembering options are fine on the 'Advanced' tab.

Best regards,
Dominik