Replaces all string configuration options with enum types
that can be checked by the compiler. This prevents spelling
errors, in-place configuration definitions, and inconsistent
default values. The default value config getter signature was
removed in favour of consistently and centrally default-initialised
configuration values.
Individual default values were adjusted for better security,
such as the default password length, which was increased from
16 characters to 32.
The already existing config option deprecation map was extended
by a general migration procedure using configuration versioning.
Settings were split into Roaming and Local settings, which
go to their respective AppData locations on Windows.
Fixes#2574Fixes#2193
See issue #3271 for a motivation of this feature.
This patch adds an additional text input to the advanced view of the password generator. All characters of this input field (if not empty) will be added as another group to the password generator. The characters from the excluded field have precedence over the characters from this new field, meaning any character added to both fields will *not* appear in any generated password. As the
characters from this new field will be added as their own group to the password generator, checking the 'Include characters from every group' checkbox will
force at least character to be chosen from the new input field.
The `PasswordGenerator` class has also been changed so that the `isValid` method returns `true` if only characters from the new input field would be used.
There is a new, simple test that covers the new feature. While the test only uses ASCII characters, any Unicode characters can be used with the new feature.
Introduce a password health check to the application that evaluates every entry in a database. Entries that fail various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports widget. Recycled entries are excluded from the results.
We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database.
Tests include passwords that are expired, re-used, and weak.
* Closes#551
* Move zxcvbn usage to a centralized class (PasswordHealth) and replace its usages across the application to ensure standardized interpretation of entropy calculations.
* Add new icons for the database reports view
* Updated the demo database to show off the reports
* Pass correct entropy amount to keepassxc-browser instead of amount of bits for both password and passphrase.
* Rename json key from "login" to "entropy" (keeping "login" key for backwards compatibility).
* Also make some changes to entropy calculation methods:
- Rename PassphraseGenerator::calculateEntropy to estimateEntropy
- Rename PasswordGenerator::calculateEntropy to estimateEntropy
This patch aims at reducing the number of copies for obejcts that could
be referenced rather than copied, because they're not modified during
the computation.
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.
In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.
This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.
Lastly, all CLI commands received a dedicated -h/--help option.
* Add Standalone Password Generator. Closes#18
* Add an entropy meter for passwords. Closes#84
* Don't require password repeat when it is visible. Fixes#27
It's loosely based on OS X PasswordAssistant. Generation happens as soon as a
change is made, and on open of the widget. A combobox has been added to allow
one to choose from some randomally-generated alternatives, and the UI is
generally been made a bit more compact.
Written by Michael Curtis <michael@moltenmercury.org> and revised by me.
Closes#119https://github.com/keepassx/keepassx/pull/38
