Eye symbol not shown when "show password placeholders" is enabled #10794

Open
droidmonkey opened this issue May 22, 2024 · 5 comments
Comments

@droidmonkey
Member

droidmonkey commented May 22, 2024

Originally reported by @kunszabo

Summary

The presence/absence of the "reveal content" eye button before the fields gives out information about the given field being empty or having content, even when the content is only displayed as placeholder dots.

Details

On the General tab of a displayed entry the "reveal content" eye button is not shown before an empty user name or password field.
This gives out a clue about the current value when the "/View/Hide Usernames" and "/View/Hide Passwords" settings are turned on:

no eye button + placeholder dots = empty field
clickable eye button + placeholder dots = some non-empty data

If the "reveal content" eye button is displayed for empty fields, too, then this small info leak will be prevented.

PoC

Turn on "/View/Hide Usernames" and "/View/Hide Passwords".
Enable "Use placeholder for empty password fields" in the Security settings tab.
Enable "Hide passwords in the entry preview panel" in the Security settings tab.
Create a new entry with no user name and no password, and select this item in the list on the main panel.
Effect: the entry preview panel will show the user name and password fields without a preceding "reveal content" eye button.

Edit the entry and enter some non-empty content to the user name and password fields, and save the entry.
Effect: the preview panel changes; there is now a clickable "reveal content" eye button in front of the user name and password fields.

Impact

If someone can see the preview panel or hear the voice of a screen reader, they will know if the given fields are empty or not, even if the placeholder dots are displayed instead of the real content.
The impact is probably negligible: it does not allow the retrieval of any non-empty information, and exploiting it requires physical presence, but I still think that this should be fixed, especially because the fix seems to be trivial.

Checked on MS Windows only, with KeePassXC version 2.7.8.
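
The leak described above, modelled as an added example (not KeePassXC code): a small C++ model of the preview panel's decision logic, with the reported behaviour beside the fix proposed in this thread (show the eye button whenever placeholder bullets are shown), plus an indistinguishability check that a regression test could use. The struct and function names are assumptions for the example.

```cpp
// Added example, not KeePassXC code. Names and structs are assumptions.
#include <string>

struct Settings {
    bool hideField;            // "/View/Hide Passwords" (or Hide Usernames)
    bool placeholderForEmpty;  // "Use placeholder for empty password fields"
};

// What an observer (or a screen reader) can perceive for one field.
struct Rendered {
    bool showsBullets;
    bool showsEyeButton;
    bool operator==(const Rendered& o) const {
        return showsBullets == o.showsBullets && showsEyeButton == o.showsEyeButton;
    }
};

// Behaviour from the report: bullets are drawn for an empty field when the
// placeholder option is on, but the eye button is tied to the value being
// non-empty, so the button's presence reveals whether the field is empty.
Rendered renderBefore(const Settings& s, const std::string& value) {
    if (!s.hideField) return {false, false};  // shown in clear; out of scope here
    bool bullets = !value.empty() || s.placeholderForEmpty;
    bool eye = !value.empty();
    return {bullets, eye};
}

// Fix proposed in the thread: whenever bullets are shown, show the eye button
// too, so the observable state depends only on settings, not on the secret.
// With placeholders disabled an empty field still renders nothing, as before.
Rendered renderAfter(const Settings& s, const std::string& value) {
    if (!s.hideField) return {false, false};
    bool bullets = !value.empty() || s.placeholderForEmpty;
    return {bullets, bullets};
}

// Regression check: with hiding and placeholders enabled, an empty value and a
// non-empty value must render identically. Returns true if they differ (leak).
template <typename RenderFn>
bool leaksEmptiness(RenderFn render) {
    Settings s{true, true};
    return !(render(s, "") == render(s, "constructed-sample-secret"));
}
```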

@phoerious
Member

I think we should just remove the setting and always display bullet points and the eye button.

@droidmonkey
Member Author

Oh no, I hate showing bullets when nothing is there

@phoerious
Member

We already show a fixed number of bullets regardless of how long the password actually is. If you follow that logic, you should do the same if the length is 0.

@droidmonkey
Member Author

It's my way of knowing if there is actually a password or not. I know that's a workflow for many others as well.

@phoerious
Member

Well, then we should at least fix the button inconsistency.

@droidmonkey droidmonkey modified the milestones: v2.8.0, v2.7.9 May 27, 2024
@droidmonkey droidmonkey modified the milestones: v2.7.9, v2.7.10 Jun 19, 2024