#83 Allow different "quick-unlock" password for un-minimizing

open
nobody
None
5
2012-09-17
2003-08-08
Anonymous
No

I'd like a level of security during the day that's
somewhere between having no protection while open, and
having to enter my whole long password every time I
minimize the window. I'd suggest another "quick-lock"
option wherein you'd have a different password to
reopen the window after minimization. This could be
very short and simple password that would be enough to
keep prying eyes out.

Discussion

  • Rony Shapiro

    Rony Shapiro - 2003-08-09

    Logged In: YES
    user_id=370700

    This seems problematic to me - an attacker could just reset
    the machine's time to "day" and have a much weaker level of
    security to deal with.

    The requested functionality can be approximated by manually
    changing the password back and forth at the beginning and
    the end of the day.

    If nobody provides more input to this request, I'll close it in a
    couple of weeks.

     
  • Nobody/Anonymous

    Logged In: NO

    >This seems problematic to me - an attacker could just reset
    the machine's time to "day" and have a much weaker level of
    security to deal with.

    There is no notion of time here. The idea is that if I log
    in the first time with my long password and I'm in a
    relatively safe environment, I can choose use use a 2nd,
    presumably simpler password with the "Lock Database when
    Minimized" option. Thereafter until the program is
    restarted or I turn off the feature, this new password will
    be used. This would allow me to quickly substitute a 4
    digit PIN or some easy password to keep a casual passerby
    from peeking at my data at work. Once I exit and restart
    the program, that feature would automatically be disabled
    again. An analogy would be the locks on your front door vs.
    the bathroom door.... Once you've unlocked deadbolts and
    entered the house, you're a trusted person. The bathroom
    door lock can be be much less secure robust since it is
    serving a different purpose.

    > The requested functionality can be approximated by manually
    changing the password back and forth at the beginning and
    the end of the day.

    True, but that seems both tedious and potentially fraught
    with error.

    Hopefully this explains a bit better the intention of my
    request.

     
  • Jeff Lawson

    Jeff Lawson - 2004-07-18

    Logged In: YES
    user_id=511066

    Clarifying summary.

     
  • Lawrence D.

    Lawrence D. - 2005-04-22

    Logged In: YES
    user_id=1129547

    I'd also like an option to simplify the "un-minimizing"
    master password request.
    I usually use a VERY long master password (passphrase, I
    should say) - over 30 characters long, with not-easily
    guessed "words".
    It provides quite a strong guarantee of safety, should
    someone get a copy of my password database, but it's
    termendously tedious to retype when, for instance, I leave
    my workstation for a while and lock the PC. Since, as a
    further security measure, I use the option of locking the
    database when the PC is locked, I always have to retype the
    master password any time I unlock the PC and try to
    unminimize password-safe.
    I would really appreciate a "middle-way" solution between
    this situation, and the "no-pwdsafe-db-lock on workstation
    lock" option.

    I suggest an option which could allow to delay the "true"
    lock of the database when minimizing the app/locking the
    workstation.
    This option would be secured with another password (which
    could so be easier to type). If the user doesn't type this
    password within a given amount of time (user selectable),
    the database would really be locked, as usual.

    This could seem a duplicate of the "minimize after xxx min
    idle" option, but it isn't. It would be a second level of
    "softer security", or "grace period", if you prefer.

    It's really annoying being, say, called in a colleague's
    office for a couple of minutes now and then, and be forced
    afterwards to retype the master password over and over again.

    Thank you very much.

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks