Externally opened attachments are now lifecycle-managed properly.
The temporary files are created with stricter permissions and entirely
random names (except for the file extension) to prevent meta data leakage.
When the database is closed, the files are overwritten with random
data and are also more reliably deleted than before.
Changes to the temporary files are monitored and the user is asked
if they want to save the changes back to the database (fixes#3130).
KeePassXC does not keep a lock on any of the temporary files, resolving
long-standing issues with applications such as Adobe Acrobat on Windows
(fixes#5950, fixes#5839).
Internally, attachments are copied less. The EntryAttachmentsWidget
now only references EntryAttachments instead of owning a separate copy
(which used to not be cleared properly under certain circumstances).
- Unify widget layouts and margins
- Fix tab order on a bunch of widgets
- Fix broken entry/group edit form layout and replace with grid layout
- Rearrange some settings for better logical grouping
- Fix some settings checkboxes not being enabled/disabled on load
- Fix "General" settings tab scrolling
- Rename "Root" group to "Passwords"
- Update demo.kdbx accordingly and redownload favicons
- Change entry path display to use slash separators
- Reduce Medium and Large icon sizes slightly
* Fixes#4168
* Introduce a custom data element stored with an entry to indicate that it is a "Known Bad" entry. This flag causes database reports to skip these entries.
* The current number of known bad entries is displayed in the statistics report.
* Add context menu to reports to easily exclude entries.
* Fixes#1083
* Add online HIBP checker dialog to the database reports widget. Permission is requested from the user prior to performing any network operations.
* The number of times a password has been found in a breach is shown to the user.
* If no passwords are breached then a positive message is presented.
* Source of HIBP icon: https://github.com/simple-icons/simple-icons/blob/develop/icons/haveibeenpwned.svg
Authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
Co-authored-by: Jonathan White <support@dmapps.us>
Introduce a password health check to the application that evaluates every entry in a database. Entries that fail various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports widget. Recycled entries are excluded from the results.
We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database.
Tests include passwords that are expired, re-used, and weak.
* Closes#551
* Move zxcvbn usage to a centralized class (PasswordHealth) and replace its usages across the application to ensure standardized interpretation of entropy calculations.
* Add new icons for the database reports view
* Updated the demo database to show off the reports
* Add demo kdbx file (password is `secret`)
The demo.kdbx password safe contains a number of realistically looking
but imaginary accounts for popular web services (Amazon, eBay, Google,
etc.) The owner's name is supposed to be John Doe, his e-mail address
is john.doe@example.com.
The intended use of this file is:
* To try out features (like the upcoming Paper Backup, #3277) without
using one's own database.
* To have a more-or-less realistic database file. The other kdbx files
in the tests/data directory all have some peculiarity or another.
* To have a password database from which one can take screenshots in
order to demonstrate bugs or new features. So, the recommendation
"don't include screen shots of your database" can be changed to
"include screen shots of the demo database".
* To have something you can mess around with without being afraid to
mess up your own database. If you mess up too bad, use git to revert
your changes.
The location of the demo database is `tests/data/demo.kdbx`. The
password is `secret`.
So far, the demo database is in the source tree only, to be used
by developers. Someone else may decide whether it could be placed in the
distribution, or maybe even made available for download from the KeePassXC
web site so that new users have something to play around with.
* Add more sophistication to the demo database
Add a second group that contais more sophisticated items:
Attachments, attributes, notes, expiration.
Note that the "ssh key" is completely imaginary and cannot
be used for anything realistic. For example, the public and
private keys don't fit together, the pass phrase and finger
print don't match, etc. It's just for demo purposes, like
anything in this file.