PasswordMaker Forums

Firefox/SeaMonkey/Mozilla/Netscape/Flock Browser Extension => Feature Requests / Enhancements => Topic started by: Romeo on September 27, 2005, 11:50:41 PM

Title: don't auto-populate username if MPW not entered correctly
Post by: Romeo on September 27, 2005, 11:50:41 PM
Boy, all the things that happen on my way home.  I left work and my post was the last one.  I came home and a bunch of new posts have been added.

Eric, you asked about my request for hiding the account tree.  I guess that is not so important.  However, I think it would be a good idea to not have PM enter the username when the password is not supplied correctly.  In other words, one could use the MPW to hash the username, and when someone who doesn't know the MPW goes to a web site, PWM just enters the username un-hashed with the incorrect password.

In other words, when PWM stores the username, it stores it hashed / encrypted with the MPW.  I hope that this explanation makes sense to you and I do not think that this is a very special request, as it 'decurifies' :) PWM that much more.
Title: don't auto-populate username if MPW not entered correctly
Post by: quixin on September 28, 2005, 12:03:17 AM
Quote
However, I think it would be a good idea to not have PM enter the username, when the password is not supplied correctly.

Seconded.
Title: don't auto-populate username if MPW not entered correctly
Post by: Eric H. Jung on September 28, 2005, 12:11:47 AM
Excellent idea. I've split this into its own topic since it wasn't really related to the topic in which it was originally posted (http://forums.passwordmaker.org/index.php?showtopic=256).

Tyrantmizar, can you add this to the FRL? It should be implemented quickly because it is a security risk, IMHO.

-Eric
Title: don't auto-populate username if MPW not entered correctly
Post by: Romeo on September 28, 2005, 12:18:44 AM
This is actually a new 'request', because I had pointed that out somewhere else before.  I guess it was sometime after the username population feature was added.
Title: don't auto-populate username if MPW not entered correctly
Post by: Tyrantmizar on September 28, 2005, 12:19:21 AM
Quote
It should be implemented quickly because it is a security risk, IMHO.
O_o   How the heck is the current system a security risk?  If you're worried about someone figuring out your username, I doubt this is the way to do it.  Personally, I think it would be a bigger security risk to store the MPW to disk, in any form.  Why would you password-protect the username, something anyone can view by hitting Ctrl` by the way, with the MPW, possibly the most crucial part of the encryption sequence (the url and character set are the close second and third)!?!

Someone please explain to me how this adds security!?!
Title: don't auto-populate username if MPW not entered correctly
Post by: Eric H. Jung on September 28, 2005, 06:13:17 PM
I wasn't going to encrypt the username (as Romeo had suggested). I was only going to prevent username auto-population if you couldn't enter the MPW successfully. However, you are correct--anyone can view this info by bringing up the PasswordMaker dialog. This circles back to Romeo's original idea, which was to hide the entire accounts tab unless/until one could enter the master password.

That's probably the best -- and most appropriate -- solution.
Title: don't auto-populate username if MPW not entered correctly
Post by: Romeo on September 28, 2005, 06:42:41 PM
Eric, that is correct and come to think of it, if you were to encrypt the username, someone could just try a bunch of MPWs until the output makes sense, unless someone were to use hyroglyphic (sic) usernames.  So, I am not sure what the solution would be, because I am completely opposed to storing the MPW on disk.

The only way I could see all this working, is by using an encrypted hash of MPW and 'master' username as a key to store the user's PM record in the RDF file, which would also take care of hiding the account settings.
Title: don't auto-populate username if MPW not entered correctly
Post by: tanstaafl on September 28, 2005, 07:23:53 PM
This is just off the top of my head, but why hide only the Accounts Tab? Why not prevent the User from entering the Advanced Settings completely without entering the MPW?
Title: don't auto-populate username if MPW not entered correctly
Post by: Romeo on September 28, 2005, 07:39:25 PM
Tanstaafl, we are talking about hiding the entire account tree.  In other words, when you first open PM, the user will only see the default settings.  Only when the correct MPW and master username are supplied, will the settings become visible.

edit: The settings, as you would see them after you do a clean install.
Title: don't auto-populate username if MPW not entered correctly
Post by: tanstaafl on September 28, 2005, 07:54:32 PM
Ah.. ok - but what is this 'Master Username'? Is this the Username defined under the 'Defaults' settings?
Title: don't auto-populate username if MPW not entered correctly
Post by: Romeo on September 28, 2005, 08:27:47 PM
Quote
Ah.. ok - but what is this 'Master Username'? Is this the Username defined under the 'Defaults' settings?
No, this master username would be similar to the master password, which the user would supply when the MPW is supplied.
Title: don't auto-populate username if MPW not entered correctly
Post by: tanstaafl on September 28, 2005, 08:44:50 PM
Are we getting into the realm of PM 'Profiles' (User Settings Profiles)?
Title: don't auto-populate username if MPW not entered correctly
Post by: Tyrantmizar on September 28, 2005, 09:13:32 PM
OK I'll add it as "Hide the username unless MPW entered correctly."

Which brings me to a question:  This is only going to be effective if the MPW is saved to disk, right?
Title: don't auto-populate username if MPW not entered correctly
Post by: Romeo on September 28, 2005, 09:24:21 PM
From my earlier post:
Quote
The only way I could see all this working, is by using an encrypted hash of MPW and 'master' username as a key to store the user's PM record in the RDF file, which would also take care of hiding the account settings.

I am probably thinking in terms of databases when I say the above, because I do not know enough about encryption, but I could see how the profile record for PWM gets encrypted with the MPW and the master username being the key.

edit:  So, in other words, if you look at the rdf file, you just see a bunch of encryption gibberish, more like displaying a binary file.
Title: don't auto-populate username if MPW not entered correctly
Post by: Miquel 'Fire' Burns on September 29, 2005, 01:43:42 AM
I say to use a feature like this, store the MPW in a one way hash, resulting in another 'field' for the master password in the rdf file.
Title: don't auto-populate username if MPW not entered correctly
Post by: Eric H. Jung on September 29, 2005, 03:18:01 AM
Well, I'm not sure I even understand it anymore. What's all this about master usernames, profiles, and hiding the advanced dialog?

As I understand it, you simply want the ability to protect passwordmaker.rdf from prying eyes--whether it be by using PasswordMaker when they're not supposed to, or by opening the file in notepad.

If that's the case, I have to agree with a variation on what miquelfire is saying. You should be prompted for a password with which to encrypt the passwordmaker.rdf file. When starting PasswordMaker (assuming you've opted for this option), you'll be prompted for that password--which may or may not be your MPW (that's up to you). If you enter it incorrectly, a new file is created with defaults -- not overwriting passwordmaker.rdf, but perhaps named something like passwordmaker2.rdf. If, however, you enter the password correctly, then the original RDF is used.

The only problem I see with this is that the RDF must remain encrypted on disk. This will have an impact on performance.
Title: don't auto-populate username if MPW not entered correctly
Post by: tanstaafl on September 29, 2005, 03:09:06 PM
Quote
As I understand it, you simply want the ability to protect passwordmaker.rdf from prying eyes--whether it be by using PasswordMaker when they're not supposed to, or by opening the file in notepad.

If that's the case, I have to agree with a variation on what miquelfire is saying. You should be prompted for a password with which to encrypt the passwordmaker.rdf file. When starting PasswordMaker (assuming you've opted for this option), you'll be prompted for that password--which may or may not be your MPW (that's up to you). If you enter it incorrectly, a new file is created with defaults -- not overwriting passwordmaker.rdf, but perhaps named something like passwordmaker2.rdf. If, however, you enter the password correctly, then the original RDF is used.
Hence my question re: profiles...

If the above occurs, you now have two RDF files - which, essentially, is two PM 'profiles' (although the profile is merely another RDF file). So, if the above happens, how do you switch back to your original?

Maybe it would be better to simply not open the file without the PW (for now).

One advantage to the concept of PM 'Profiles' is this dovetails with the issue of Synchronizing settings - because this will obviously entail working with multiple RDF files.

Quote
The only problem I see with this is that the RDF must remain encrypted on disk. This will have an impact on performance.
How badly? I like the idea of having my RDF file protected, but as long as my passwords themselves are not in danger of being compromised, I don't think it's *that* important of an issue.

Hmmm....
Title: don't auto-populate username if MPW not entered correctly
Post by: Romeo on September 29, 2005, 03:59:10 PM
Quote
You should be prompted for a password with which to encrypt the passwordmaker.rdf file. When starting PasswordMaker (assuming you've opted for this option), you'll be prompted for that password--which may or may not be your MPW (that's up to you). If you enter it incorrectly, a new file is created with defaults -- not overwriting passwordmaker.rdf, but perhaps named something like passwordmaker2.rdf. If, however, you enter the password correctly, then the original RDF is used.
Yes Eric, that is more or less what I am trying to say.
Title: don't auto-populate username if MPW not entered correctly
Post by: Eric H. Jung on September 29, 2005, 05:01:38 PM
Quote
If the above occurs, you now have two RDF files - which, essentially, is two PM 'profiles' (although the profile is merely another RDF file). So, if the above happens, how do you switch back to your original?
OK, now I understand what you meant by a profile. One way of switching back to the other profile is by using File->Import Settings (you'd once again be prompted for the password for that file).

Quote
Quote
The only problem I see with this is that the RDF must remain encrypted on disk. This will have an impact on performance.
How badly? I like the idea of having my RDF file protected, but as long as my passwords themselves are not in danger of being compromised, I don't think it's *that* important of an issue.
Well, I re-thought this and most everything that's used frequently is cached in memory. So the performance hit wouldn't be bad at all. It's the coding effort for something like this that would be huge.

I think we should just stick with the original idea of hiding the accounts tab if the MPW isn't entered correctly (and the user has chosen this global setting).... no encryption of passwordmaker.rdf, at least not yet.
Title: don't auto-populate username if MPW not entered correctly
Post by: Romeo on September 29, 2005, 05:19:57 PM
Quote
I think we should just stick with the original idea of hiding the accounts tab if the MPW isn't entered correctly (and the user has chosen this global setting).... no encryption of passwordmaker.rdf, at least not yet.
Yes Eric, I do not even know how we got to this point.  I was looking thru this thread earlier today and was shocked at how long it has gotten.

As long as it is a choice to do it, or not, let's just hide the account tree.  The user could always use the operating system functions to encrypt the rdf file.

or as my daughter would say:  whatever?
Title: don't auto-populate username if MPW not entered correctly
Post by: tanstaafl on September 29, 2005, 08:18:15 PM
Agreed...
Title: don't auto-populate username if MPW not entered correctly
Post by: LkonKbd on March 30, 2006, 10:46:19 PM
I hope this is the way to vote for the one or 5 you like.

I agree with this as I have had this very problem many times, as I use the single MPW entry.  This one would be GREAT for those of us that have the un-educated fingers and do not know how to dpwell, (sp), spell.  I would take them back to school, but; that is about 30 miles from here and over 45 years ago.

This is Numbre 3,
Title: Re: don't auto-populate username if MPW not entered correctly
Post by: esallc on August 03, 2007, 03:04:20 PM
I vote for encrypting the output from Advanced Auto-Populate fields based on the master password (in addition to encrypting the .rdf file during import/export).
Title: Re: don't auto-populate username if MPW not entered correctly
Post by: tanstaafl on August 08, 2007, 03:33:31 PM
Combined with New 'MPW Hash Mis-Match' dialog (http://forums.passwordmaker.org/index.php/topic,1368.0.html)