I suggest you allow a toggled option to have the 'When URL contains' field hidden (or asterisked) after a username is entered, otherwise any bypasser/screenshot trojan could obtain it.
I'm guessing you meant the 'Using URL' field? The 'When URL Contains' field is only visible when you open Passwordmaker, not on the Master Password Prompt window.
But yes, if someone walked by when you were creating or editing an account, they could see this - but you also need to be able to see them when editing them to make sure they are right, no?
Many financial websites unfortunately also leave the username revealed. I don't suppose it is possible for PasswordMaker to somehow copy the username in hidden fashion into the username field on such a website?
Sounds like a Feature Request to me... ;) Care to go over to the
Feature Request Forum and make it official?
Incidentally, in order to produce a memorizable but random username I enter a memorized word as username, then copy the resulting password back into the PasswordMaker username slot. Some day you might want to automate that feature.
Sounds like another one - and a good one at that! If you haven't added this as a FR in the next day or two, I may be tempted to do so myself...
Thanks for participating.
Charles