passwords-webextension
passwords-webextension copied to clipboard
Add option to save Passwords App Master Password
Current Status On each start of e.g. Firefox, the Master Password (if end-to-end encryption is enabled) has to be inserted before the individual passwords are accessible.
Feature Description An option in the add-on's settings to save that Master Password should be provided. This option should be labeled with a warning (exclamation mark in yellow triangle), as the other dangerous options.
Additional context I am using the passwords-webextension in different devices, some I consider safe some not. For the safe ones, I would like to have the master password saved, since it is annoying to type it in on every start.
Devices I consider safe, are my desktop PC, at home. No one has access to it, but me. If a burglar were to break into my house, I would accept the security breach. Also my laptop and smartphone. Usually very unsafe, since they are mobile devices, which can be stolen or forgotten, but the disks are encrypted and I have strong passwords for the operating system's user accounts. If someone would steal the turned-on, unlocked (with me logged in) device from under my hand, I would be fine with the security breach.
So why not simply turn off the master password?
I have one device, a tablet, which is mobile and cannot be encrypted (very slow device). For this device I would accept the additional burden of entering the master password. For all other devices I choose convenience over security.
Very good suggestion. I would appreciate such a feature too.
Yes. For me is absolutely necessary. It is a must since I share my computer with the rest of the house.
Yes. Please! There is currently NO replacement for how Chrome handles password syncing so long as every way to autofill from a source (Such as KeePass) requires you to type in your super secure password everytime. It makes me not even want to bother. Let me take control of my clients that I put the master password in. Have all the disclaimers you want. Every device that would have my master password is bitlocker encrypted and I accept the risk for the convenience that it provides.
would it be possible to leverage browser's password storage for this? It's better than storing it in plain text somewhere and will allow us to leverage a proven technology without having to reinvent the wheel
would it be possible to leverage browser's password storage for this? It's better than storing it in plain text somewhere and will allow us to leverage a proven technology without having to reinvent the wheel
Technically yes https://developer.chrome.com/docs/extensions/reference/privacy/
Someone referenced that link to my own feature suggestion that might also handle this issue: https://github.com/marius-wieschollek/passwords-webextension/issues/212
The chrome.privacy api does not provide access to the password manager of chrome nor does it provide any secure password storage option.