Add history to the password generator

[witcherenjoyer]

Summary

pretty self explanatory, adding a log of passwords that have been generated during the session would be a very useful and good feature.

Examples

Context

Just lost a gpg key because i clicked off the gen and had the password change before i could save it :(

[droidmonkey]

The password generator is stateless by design. You could inadvertently leak information, that password history list needs to be stored somewhere. Storing it in memory is an option, but would be cleared on database lock and application close. The standalone password generator will never have a history due to it being outside of an encrypted environment.

[witcherenjoyer]

then would it be possible to rework the generator to not generate a new password until explicitly told to do so? what happened to me, is i accidentally clicked on passphrase from password, and it removed my password before it could be saved.

[droidmonkey]

Yes that is a better user experience anyway, it is rather unexpected to have the password regenerate when switching tabs.

[ygrange]

I just came here because I changed my password, and then accidentally changed the character set after pasting on the website and submitting. I think it is especially confusing that of course since passwords are only shown as dots, you don't see the password change either. I think I'd support having to explicitly refresh the password after changing the charset settings.

[ccope]

This exacerbates a bug where I use the KeePassXC browser extension in Firefox to generate a new password, have it fill the form, click the form submit button, and then the "update existing entry or add new" bar appears at the top of the window while the page redirects to the logged in site and then the bar is gone. If the generator saved history in memory until the database gets locked again, this would be a total non-issue.

[ghost]

Unfortunately those situations tend to happen to me more often than I would like. I'm hoping this usability issue gets resolved as soon as possible... :P

[lionkmp]

To overcome the problem mentioned by OP I always have a "TEMP" entry in my Root, where I generate new passwords, save them before using them. I do not ever submit or use a password before saving them to TEMP. (But yes, I also had my trouble first...)

Maybe my workflow could be implemented, by adding a "Save to Generated Passwords" (next to Cancel button) that creates and updates a "hardcoded" Root/"Generated Passwords" (one item, not a folder, the item gets a new password added to its history.) (Or the item could be called "New Passwords" and button "Save to New Passwords" if we see example in #8415 )

(That button would be visible only when not started from an entry.)

[sjvudp]

Probably the solution is: "First create and save (or remember) a password, then use it." ;-)

[jrabbit]

Probably the solution is: "First create and save (or remember) a password, then use it." ;-)

No.

[sjvudp]

Probably the solution is: "First create and save (or remember) a password, then use it." ;-)

No.

But isn't "Just lost a gpg key because i clicked off the gen and had the password change before i could save it :(" just a user error? The correct usage is to let the password generator set a password and then use that; isn't it?

[Jookia]

This exacerbates a bug where I use the KeePassXC browser extension in Firefox to generate a new password, have it fill the form, click the form submit button, and then the "update existing entry or add new" bar appears at the top of the window while the page redirects to the logged in site and then the bar is gone. If the generator saved history in memory until the database gets locked again, this would be a total non-issue.

This is exactly why I'm afraid to use the browser generator. :(

An in-memory log of passwords would help this.