Adam Tsiopani

For what it's worth, I think the best behaviour would be to validate the auto-type configuration prior to saving the entry. This would ensure that invalid auto-types never get to be used. I don't really understand why it would ever be desirable to display the password in the dialog. KeePass makes every effort to mask the password on-screen in all other areas of the UI, unless the user specifically requests to see it. This behaviour should be consistent IMO.

I agree fully with your statement, but I disagree that it applies in this context. Not a bug: I misconfigured Auto-Type and it resulted in my password being visible in the address bar of Chrome instead of the password box. A bug: I used the wrong tag format for KeePass. It didn't validated my tags when I saved the configuration. If it did, it could have warned me that {+TAB} is an invalid tag. It attempted to use these tags when i performed auto-type. The resulting dialog box that popped up has the...

I agree fully with your statement, but I disagree that it applies in this context. Not a bug: I misconfigured Auto-Type and it resulted in my password being visible in the address bar of Chrome instead of the password box. A bug: I used the wrong tag format for KeePass. It didn't validated my tags when I saved the configuration. If it did, it could have warned me that {+TAB} is an invalid tag. It attempted to use these tags when i performed auto-type. The resulting dialog box that popped up has the...

KeePass leaks password to screen when auto-type incorrect