keepass2android icon indicating copy to clipboard operation
keepass2android copied to clipboard

Published 20 hours ago verified publisher icon PhilippC

[BUG] Placeholder for password in URL always shows cleartext password

Open ptar opened this issue 2 years ago • 2 comments

Checks

  • [X] I have read the FAQ section, searched the open issues, and still think this is a new bug.

Describe the bug you encountered:

  • Use the {PASSWORD} placeholder in the url
    • E.g. http://{USERNAME}:{PASSWORD}@...
  • Save the change
  • You can see the password as clear text in the url field

Describe what you expected to happen:

The password should not be visible in the url (but usable)

What version of Keepass2Android are you using?

1.09e-r7

Which version of Android are you on?

10

ptar avatar Nov 01 '23 16:11 ptar

is any other KeePass client handling this in a different way?

PhilippC avatar Nov 13 '23 09:11 PhilippC

Yes, e.g. KeepassXC (for Windows) shows http://{USERNAME}:{PASSWORD}@... as http://someuser:******@...

I would expect something similar in Keepass2Android (and BTW in any other KeePass-client)

ptar avatar Nov 13 '23 12:11 ptar