kpcli icon indicating copy to clipboard operation
kpcli copied to clipboard

Published 20 hours ago verified publisher icon alecsammon

Suggest substituting $password rather than obscuring

Open jangari opened this issue 7 years ago • 1 comments

https://github.com/alecsammon/kpcli/blob/cbcd27cbd10ca5881bc47dd160d76f81467e2b6e/kpcli.pl#L1852

I see the point of obscuring the password with red on red, but this could be a security flaw if a user ran show and then quit, as the password would still be in their terminal buffer and could be copied. I've modified my copy so that each character is replaced by an asterisk when running show. Running show -f still shows plan text passwords.

PS, great program. I have basically replaced KeePassX with this.

jangari avatar Sep 16 '17 11:09 jangari

The colour-on-colour is handy for copying the password, but perhaps the screen terminal buffer should always be cleared on exit? (Is this possible??)

pepa65 avatar Jul 23 '19 21:07 pepa65