Activity for Sworddragon
-
Sworddragon created ticket #2974
Unify the dialog to open a database and its error dialog
-
I'm very well aware of the threat from compromised upstream/downstream sources as well of some recent cases like some games on Steam. But those have nothing to do with the feature requested here as apparently almost everybody is still wrongly assuming I'm requesting a feature to enable automatic updates. But let's just go with your case and assume the KeePass repository would be compromised. Even in such a case the feature discussed here would not help infecting computer systems more than the current...
-
I see, but what is the main issue here? The main change that is needed is that the installer supports silent installations if it doesn't already, which effectively pre-selects the last settings the user choosed within it (which it already does) and simply continues while not being visible. That might be even useful as a feature request on its own. Other than that the main complexity comes from handling the network logic and handling the migration of the new installation but those are not too much...
-
I see, but what is the main issue here? The main change that is needed is that the installer supports silent installations if it doesn't already, which effectively pre-selects the last settings the user choosed within it (which it already does) and simply continues while not being visible. That might be even useful as a feature request on its own. Other than that the main complexity comes from handling the network logic and handling the migration of the new installation but those are not too much...
-
But your first paragraph does not apply here since the user always authorizes this action before a new version of KeePass is even downloaded. It would only be true if we would talk about true automatic updates (e.g. KeePass would do the checking, downloading and installing of updates periodically without user interaction) and not improving installing updates manually what this ticket requests. And while your second paragraph is true in general it involves an issue (if we ignore the extra work): More...
-
I see, but what is the main issue here? The main change that is needed is that the installer supports silent installations if it doesn't already, which effectively pre-selects the last settings the user choosed within it (which it already does) and simply continues while not being visible. That might be even useful as a feature request on its own. Other than that the main complexity comes from handling the network logic and handling the migration of the new installation on the cleaning up process...
-
There are already such feature requests? I have even searched before creating this one but the only ones I found were about automatic updates. And even Paul does wrongly assume I'm talking about automatic updates. But this ticket requests an improvement for doing explicit user-initiated manual updates which is a big difference. Unless there are indeed already such feature requests but then I have to complain to Google for not finding them (but their search engine isn't really good anymore) and even...
-
There are already such feature requests? I have even searched before creating this one but the only ones I found were about automatic updates. And even Paul does wrongly assume I'm talking about automatic updates. But this ticket requests an improvement for doing explicit user-initiated manual updates which is a big difference. Unless there are indeed feature requests but then I have to complain to Google for not finding them (but their search engine isn't really good anymore) and even more to SourceForge...
-
There are already such feature requests? I have even searched before creating this one but the only ones I found were about automatic updates. And even Paul does wrongly assume I'm talking about automatic updates. But this ticket requests an improvement for doing explicit user-initiated manual updates which is a big difference. Unless there are indeed feature requests but then I have to complain to Google for not finding them (but their search engine isn't really good anymore) and even more to Sourceforge...
-
Support initiating silent upgrades from the Update Check dialog
-
Mentioning in the installer that it supports upgrade installations
-
I have tested this now with KeePass 2.58 and all is working fine. I only see the entries for "Open/Copy" and Open with Firefox/Open with Firefox (Private)". I feared the information given by me might not have been enough but good to see that it probably was. Thanks again for doing all the work and fixing this issue.
-
I have thought about this more and yes, it probably should be limited to characters that are strictly uncountable, e.g. limiting it only to the underscore character for visible characters since it is the only one (I'm aware of) that usually merges pixel-perfect into its next one. If I would request this feature today, I probably would imagine it as an option in the "Advanced" tab in the password generator called "Exclude hard to count characters (whitespaces, zero-width characters, _) *".
-
Adding "Don't keep synchronisation data" to Database Settings -> Advanced
-
I actually kind of thought this ticket goes into a direction where this might be just an Edge-uninstaller bug - leaving simply too much remains and thus KeePass working correctly in this case. I would have even been fine with that, but that more complex detections are used/implemented will help in such cases. Nonetheless, thanks for all the work and the patch. I will test it in the future and report back if something behaves unexpectedly.
-
On checking if something specific is in those locations: Type (copy/paste): Reg.exe EXPORT HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet HKLM_SMI.reg /y There are 2 keys ("Firefox-random_characters" and "IEXPLORE.EXE") with one or more subkeys each. Type (copy/paste): Reg.exe EXPORT HKEY_CURRENT_USER\Software\Clients\StartMenuInternet HKCU_SMI.reg /y The same as above just that the key "IEXPLORE.EXE" is missing. Type (copy/paste): Reg.exe EXPORT HKEY_CLASSES_ROOT\microsoft-edge HKCR_URL.reg...
-
On checking if something specific is in those locations: Type (copy/paste): Reg.exe EXPORT HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet HKLM_SMI.reg /y There are 2 keys ("Firefox-random_characters" and "IEXPLORE.EXE") with one or more subkeys each. Type (copy/paste): Reg.exe EXPORT HKEY_CURRENT_USER\Software\Clients\StartMenuInternet HKCU_SMI.reg /y The same as above just that the key "IEXPLORE.EXE" is missing. Type (copy/paste): Reg.exe EXPORT HKEY_CLASSES_ROOT\microsoft-edge HKCR_URL.reg...
-
I just tried to reproduce this with an up-to-date Windows 11 24H2 system, but failed, because Microsoft Edge doesn't uninstall (the 'Uninstall' command is there, not grayed out, but it doesn't do anything). I have often seen reports of others and even seen it myself that uninstalling Microsoft Edge often misbehaves despite this being explicitly regulated by the EU which took effect this year. On one Windows 11 system that I maintain the uninstall button was grayed out until Microsoft Edge was at...
-
Edit: I forgot to mention that I see this here on a Windows 10 22H2 (64 bit).
-
URL context menu lists an uninstalled Microsoft Edge
-
Improving font settings in string fields
-
After the last patch-day from Microsoft which included an update to .NET Framework as well I tested this again: While the time is still stable with a maximum of 0.001 seconds difference on low times on multiple attempts and the 1 second delay test still yielding the same results, I'm able to achieve now 290000 iterations in 0.033 seconds instead of the 350000 before and 275000 before that. It looks like that .NET Framework updates do indeed play quite a role here and that I can probably safely assume...
-
When clicking the 'Test' button, KeePass 2.53.1 spawns a child process that performs the KDF computation. The child process uses the same KDF implementation as the main process. I think my wording was a bit off as I was meaning that the different ways the implementation is used (extra process versus main process) might lead to discrepancies. KDF computations are computationally intensive and the time they take are influenced by many factors, e.g. by other processes (including services, not necessarily...
-
When clicking the 'Test' button, KeePass 2.53.1 spawns a child process that performs the KDF computation. The child process uses the same KDF implementation as the main process. I think my wording was a bit off as I was meaning that the different ways the implementation is used (extra process versus main process) might lead to discrepancies. KDF computations are computationally intensive and the time they take are influenced by many factors, e.g. by other processes (including services, not necessarily...
-
KeePass 2.53.1 changed a bit the way testing here works and the changelog implies using an extra process is only done for testing but not for actually logging in into the database. When I did test this roughly a month ago again with KeePass 2.53 I still achieved ~275000 iterations in 0.033 seconds when I repeated the test a lot with the time varying around +/- 0.008 seconds. The 1 second test still resulted at ~11800000 +/- 100000 iterations. When I did test this now with KeePass 2.53.1 I was able...
-
KeePass 2.53.1 changed a bit the way testing here works and the changelog implies using an extra process is only done for testing but not for actually logging in into the database. When I did test this roughly a month ago again with KeePass 2.53 I still achieved ~275000 iterations in 0.033 seconds when I repeated the test a lot with the time varying around +/- 0.008 seconds. The 1 second test still resulted at ~11800000 +/- 100000 iterations. When I did test this now with KeePass 2.53.1 I was able...
-
KeePass 2.53.1 changed a bit the way testing here works and the changelog implies using an extra process is only done for testing but not for actually logging in into the database. When I did test this roughly a month ago again with KeePass 2.53 I still achieved ~275000 iterations in 0.033 seconds when I repeated the test a lot with the time varying around +/- 0.008 seconds. The 1 second test still resulted at ~11800000 +/- 100000 iterations. When I did test this now with KeePass 2.53.1 I was able...
-
KeePass 2.53.1 changed a bit the way testing here works and the changelog implies using an extra process is only done for testing but not for actually logging in into the database. When I did test this roughly a month ago again with KeePass 2.53 I still achieved ~275000 iterations in 0.033 seconds when I repeated the test a lot with the time varying around +/- 0.008 seconds. The 1 second test still resulted at ~11800000 +/- 100000 iterations. When I did the test this now with KeePass 2.53.1 I was...
-
I'm on Windows 10 21H2 (64 bit) and have 2 different .kdbx files on my desktop. I just double-click the first .kdbx file which causes the prompt for the master password to appear and after entering my password KeePass opens its window with maximized geometry. After that I just minimize KeePass into the taskbar and double-click the second .kdbx file which asks for the master password as well and alters then automatically the geometry of the KeePass window to a non-maximized state. I think this also...
-
Opening another database resizes the window
-
Making a right click on a group does not update other panes
-
Making tabs sortable (with the mouse cursor)
-
Set the key transformations to the maximum value that won't inconvenience you on all the devices where you use the same settings. The exact time it takes to complete the key transformations is not critical if you have a reasonable database master key. This is what I did - my master password is also pretty strong as I also assume they should be strong enough in general to resist attacks even if we would not have the feature of multiple key derivation iterations. Still, having multiple key derivation...
-
Set the key transformations to the maximum value that won't inconvenience you on all the devices where you use the same settings. The exact time it takes to complete the key transformations is not critical if you have a reasonable database master key. This is what I did - my master password is also pretty strong as I also assume they should be strong enough in general to resist attacks even if we would not have the feature of multiple key derivation iterations. Still, having multiple key derivation...
-
Improving time-measurements for key derivation iterations
-
Making the local manual more easily accessible
-
The documentation looks now good here and it solves this ticket. Thank you very much for enhancing this.
-
Adding them to the documentation instead seems fine as well. I have just a minor complaint here: The documentation lists them as "(e.g. O0, Il1|)" which implies due to the "e.g." that the list is not complete and this might confuse users. This even throws in the question for me: Is the list documented here complete and should the "e.g." just be removed?
-
Or he just brute-forces on the recent leaked database (e.g. Twitch) to guess the password. But yes, as I already sayed a good password should still resist all those attacks - but it still doesn't hurt trying to avoid potentially weakening the password.
-
Or he just brute-forces on the recent leaked database (e.g. Twitch) to guess the password. But yes, as I already sayed a good password should still resist all those attacks - the knowledge of the password metrics should be quite less worth than 1 removed character of the password length depending on the used metrics. But it still doesn't hurt trying to avoid potentially weakening the password.
-
Or he just brute-forces on the recent leaked database (e.g. Twitch) to guess the password. But yes, as I already sayed a good password should still resist all those attacks - the knowledge of the password metrics is probabably less worth than 1 removed character of the password length. But it still doesn't hurt trying to avoid potentially weakening the password.
-
Or he just brute-forces on the recent leaked database (e.g. Twitch) to guess the password. But yes, as I already sayed a good password should still resist all those attacks - the knowledge of the password metrics is probabably less worth than 1 removed character of the passwor length. But it still doesn't hurt trying to avoid potentially weakening the password.
-
and probably use always the default settings in that case. Using derived settings etc. should be fine as well here (I wished SourceForge would allow to edit the original post so I would not have to correct this here). On thinking about this a bit more I'm now even wondering if other similar menus that save their settings can leak potential problematic details as well. For example with just creating https://sourceforge.net/p/keepass/feature-requests/2714/ before this ticket I'm curious if such a use...
-
and probably use always the default settings in that case Using derived settings etc. should be fine as well here (I wished SourceForge would allow to edit the original post so I would not have to correct this here). On thinking about this a bit more I'm now even wondering if other similar menus that save their settings can leak potential problematic details as well. For example with just creating https://sourceforge.net/p/keepass/feature-requests/2714/ before this ticket I'm curious if such a use...
-
On thinking about this a bit more I'm now even wondering if other similar menus that save their settings can leak potential problematic details as well. For example with just creating https://sourceforge.net/p/keepass/feature-requests/2714/ before this ticket I'm curious if such a use case via the Find menu has potential to leak information here as well. Edit: I just noticed while the Find menu saves its settings it does not save the entered string so the Find menu might be actually fine here.
-
On thinking about this a bit more I'm now even wondering if other similar menus that save their settings can leak potential problematic details as well. For example with just creating https://sourceforge.net/p/keepass/feature-requests/2714/ before this ticket I'm curious if such a use case via the Find menu has potential to leak information here as well.
-
Option to disable saving of the last used password generator settings
-
Making look-alike characters in the password generator selectable
-
Asterisks don't need to be shown on empty passwords
-
What characters are zero width? Zero width characters are invisible characters that also have no width and thus are usually difficult to detect in text (for example in Unicode there are hundreds of such characters). How are you getting them to enter into KeePass? For example you can get them into KeePass by copying data if the source somehow contains unexpectedly such a character. Unless one is aware of this issue probably nobody can tell if they ever copied such a character by accident in the past...
-
Option to display zero-width characters with placeholders
-
Referencing a string field does not honor its protection flag
-
Sadly I'm not an expert with URL's and was just evaluating a privacy issue related to the theoretical possibility of websites hiding characters in URL's to add entropy via them and had to look up the URL information. I also can't find any information what a server parameter in a FTP URL would look like but instead that the FTP URL path can be encoded as well. Besides that the information I found earlier that spaces in URL's must be encoded in general to be valid. But also the RFC's changed several...
-
Sadly I'm not an expert with URL's and was just evaluating a privacy issue related to the theoretical possibility of websites hiding characters in URL's to add entropy via them and had to look up the URL information. I also can't find any information what a server parameter in a FTP URL would look like but instead that the FTP URL path can be encoded as well. Besides that the information I found earlier that spaces in URL's must be encoded in general to be valid. But the RFC's changed several times...
-
Sadly I'm not an expert with URL's and was just evaluating a privacy issue related to the theoretical possibility of websites hiding characters in URL's to add entropy via them and had to look up the URL information. I also can't find any information what a server parameter in a FTP URL would look like but instead that the FTP URL paths can be encoded as well. Besides that the information I found earlier that spaces in URL's must be encoded in general to be valid. But the RFC's changed several times...
-
URL field supports unsupported characters
-
Database setting to disable creation/modification times
-
With the tooltips now staying longer and https://sourceforge.net/p/keepass/bugs/2036/ being fixed the tooltips are now much better readable. The main issue so far I see now is that the tooltip content is moderately early cut of due to limited tooltip width which does also not utilize the full screen width. But if support for newlines in tooltips will be implemented at some point in the future I guess this will also more or less take care of those issues.
-
But the controlling logic is handled by KeePass which could introduce bugs as well. It also seems the nature of this bug makes it dependent on the users mouse behavior, e.g. fast mouse movements are more affected than slow mouse movements. This issue also appears very frequently here and acts very broken and while it is not impossible to be a .NET Framework bug it would be a bit interesting (but not surprising) if all related .NET Framework applications would be affected by it. Still, it could be...
-
But the controlling logic is handled by KeePass which could introduce bugs as well. It also seems the nature of this bug makes it dependent on the users mouse behavior, e.g. fast mouse movements are more affected than slow mouse movements. This issue also appears very frequently here and acts very broken and while it is not impossible it would be a bit interesting (but not surprising) if all related .NET Framework applications would be affected by this bug. Still, it could be indeed a bug in the...
-
Unifying Auto-Type setting from entries to that of groups
-
Yes, this is another example case where this issue happens. For this case it seems to happen when another opened menu is being hovered into (e.g. moving the mouse from Find to View) but the hovered menu (here View) is being unhovered (e.g. by moving the mouse up) before the entries from its menu could actually open.
-
Indeed, this is another example case where this issue happens. For this case it seems to happen when another opened menu is being hovered into (e.g. moving the mouse from Find to View) but the hovered menu (here View) is being unhovered (e.g. by moving the mouse up) before the entries from its menu could actually open.
-
Opened menu unexpectedly closes
-
Referenced passwords are flooding the duplicate/similar passwords menus and making them less useful
-
Referenced passwords do not show the character length/quality
-
And as pointed out in https://sourceforge.net/p/keepass/feature-requests/2672/ this would also increase the security since it makes it possible to evaluate past string fields for minimum security via derived settings in the password generator.
-
And as pointed out in https://sourceforge.net/p/keepass/feature-requests/2672/ this would also increase the security since it makes it possible to evaluate past string fields for minimum security via derived settings in the password manager.
-
Ability to open the password generator on a string field
-
I just got an alternative idea how to avoid the issue with the too easily predictability due to drawing from too small charactersets: Instead of naming such an option "Each characterset must occur at least once" it could be named "Each of a chosen number, lowercase letter, uppercase letter and one other character must occur at least once" - as it would then merge all special characters for this purpose (Minus, Underline, Space, Special, Brackets, Latin-1 Supplement, eventual extra included characters)...
-
I just got an alternative idea how to avoid the issue with the too easily predictability due to drawing from too small charactersets: Instead of naming such an option "Each characterset must occur at least once" it could be named "Each of a chosen number, lowercase letter, uppercase letter and one other character must occur at least once" - as it would then merge all special characters for this purpose (Minus, Underline, Space, Special, Brackets, Latin-1 Supplement) that the user has opted in into...
-
But one issue I currently see is that sub-charactersets with only a few characters (Space, - and _) can be an issue due to too easy predictability Predictability of characters makes absolutely no difference to security if the password is is not guessable using standard dictionary attacks. If you have to brute force the password then all characters are equally secure. I think you are incorrect here at the bruteforce part as algorithms can be optimized to bruteforce more likely passwords. To reflect...
-
At least the opportunity to guarantee at least 1 character from every chosen characterset probably even increases the security. It will decrease the maximum security since the password was generated in a predictable manner but it will increase the minimum security with having a guaranteed wider characterset and e.g. avoid accidental weak passwords that might be more vulnerable to a bruteforce attack (e.g. opting into letters, numbers and special characters but the result has only letters). In my...
-
At least the opportunity to guarantee at least 1 character from every chosen characterset probably even increases the security. It will decrease the maximum security since the password was generated in a predictable manner but it will increase the minimum security with having a guaranteed wider characterset and e.g. avoid accidental weak passwords that might be more vulnerable to a bruteforce attack (e.g. opting into letters, numbers and special characters but the result has only letters). In my...
-
Option to exclude (font-/metric-dependent) uncountable characters
-
Thanks for all the information. https://sourceforge.net/p/keepass/feature-requests/2409/ seems to pretty much request the same as https://sourceforge.net/p/keepass/feature-requests/2304/ so I will continue participating in the latter. And I think for the remaining issue instead of mentioning it just as eventual dependency I just handle the problem independently from the initial issue since I think I have a more clear idea for it.
-
Thanks for all the information. #2409 seems to pretty much request the same as #2304 so I will continue participating in the latter. And I think for the remaining issue instead of mentioning it just as eventual dependency I just handle the problem independently from the initial issue since I think I have a more clear idea for it.
-
Option for password generator to guarantee each sub-chacterset to occur at least once
-
Support for credential-less databases
-
Tooltips are a property of the Entry List. I suspected this too and thus the reflection of the replaced newline with a space in the tooltip. I hope the .NET Framework does not strictly limit here and does allow custom tooltips so the original data can be used. Alternatively (but probably not a desired solution) cheesy solutions could be tried to achieve (faking tooltips; using an invisible entry with the original data; etc.).
-
If I got this correct you were able to reproduce the issue. If I did misunderstand something feel free to tell me about it.
-
I also get only the reference ID in the preview pane but the actual (slightly malformed) data in the "Notes" column.
-
This does not work if the notes are referenced as the preview pane does then show the reference ID instead. (Also, this throws the question why we have tooltips if we shall not really use them)
-
Increasing readability of tooltips
-
Note column and its tooltip breaks if it references other notes
-
Creating /run/user/_uid_ on login
-
I have now noticed something else with shortcuts: If a shortcut is created after changes were made to the related start menu entry another change will cause that the shortcut will map to these changes while a shortcut created before changes were made to the related start menu entry will not. So there is a small inconsistent behavior.
-
Is it really so much darker so it would be an issue (as I have a hard time to imagine why this should make troubles)?. But the current state with 90% isn't the holy grail too. Are there other options that might be able to solve this issue (like a dark separation line - but I'm not sure about it)?
-
Is it really so much darker so it would be an issue (as I have a hard time to imagine why this should make troubles)?. But the current state with 90% isn't the holy grail too. Are there other options that might be able to solve this issue (like a dark separation line - but I'm not sure about it)?
-
Thanks for the information as the styling seems to be not explained at the link above (maybe it is hidden somewhere else). One interesting thing is if you leave style..33 empty ("style..33=") the background color gets just very minimal darker (and this is enough to look fine then for a light design) while I would expect it to either basically break or just to use the default. Neil, can you check the the line sidebar with "style.*.33=" and tell us if this would be light enough to be a default? Because...
-
Thanks for the information as the styling seems to be not explained at the link above (maybe it is hidden somewhere else). One interesting thing is if you leave style..33 empty ("style..33=") the background color gets just very minimal darker (and this is enough to look fine then for a light design) while I would expect it to either basically break or just to use the default. Neil, can you check the the line sidebar with "style.*.33=" and tell us if this would be light enough to be a default? Because...
-
Thanks for the information as the styling seems to be not explained at the link above (maybe it is hidden somewhere else). One interesting thing is if you leave style..33 empty ("style..33=") the background color gets just very minimal darker (and this is enough to look fine then for a light design) while I would expect it to either basically break or just to use the default. Neil, can you check the the line sidebar with "style.*.33=" and tell us if this would be light enough to be a default? Because...
-
Thanks for the information as the styling seems to be not explained at the link above (maybe it is hidden somewhere else). One interesting thing is if you leave style..33 empty ("style..33=") the background color gets just very minimal darker (and this is enough to look fine then for a light design) while I would expect it to either basically break or just to use the default. Neil, can you check the the line sidebar with "style.*.33=" and tell us if this would be light enough to be a default? Because...
-
You said above that I shall change the settings if I want different visuals and so I made a look at http://www.scintilla.org/SciTEDoc.html to figure out which setting changes the background color for the line sidebar. On searching for color and colour I did found the option to change the folding sidebar color (fold.margin.colour) but I couldn't find anything to change the line sidebar color. I would expect it to be something like line.margin.colour and on trying my luck on it it had no effect. Do...
-
You said above that I shall change the settings if I want different visuals and so I made a look at http://www.scintilla.org/SciTEDoc.html to figure out which setting changes the background color for the line sidebar. On searching for color and colour I did found the option to change the folding sidebar color (fold.margin.colour) but I couldn't find anything to change the line sidebar color. I would expect it to be something like line.margin.colour and on trying my luck on it it had no effect. Do...
-
Which does then mean that the line sidebar was 2,4 times darker before - that's more than just significant. However, as mentioned above a TN panel contributes negatively to the remaining 10% while 24% could catch this better. In case you get the chance for it you should really check this on a TN panel at the different heights.
-
Which does then mean that the line sidebar was 2,4 times darker before - that's more than just significant. However, as mentioned above a TN panel contributes negatively to the remaining 10% while 24% could catch this better. In case you get the chance for it you should really check this on a TN panel at the different heights.
-
What are 76%, 90% and 100% referencing to?
-
What are 76%, 90% and 100% referencing to?
-
Not sure what window backgrounds have to do with it as the window is normally in it's own context. But maybe there are some window managers that do not draw strict separation lines. 'actually hurts the eyes' is hyperbolae No, it isn't. But maybe this is more hard to notice on an IPS panel. But on a TN panel (which still might be the default) on the top the sidebars have a halfway good contrast while at the bottom they nearly merge. Maybe this case was not considered - probably many designers miss...
1 >
