Commit Graph

7 Commits

Author SHA1 Message Date
Janek Bevendorff
93f0fef1e1 Improve and secure attachment handling (fixes #2400).
Externally opened attachments are now lifecycle-managed properly.

The temporary files are created with stricter permissions and entirely
random names (except for the file extension) to prevent meta data leakage.

When the database is closed, the files are overwritten with random
data and are also more reliably deleted than before.

Changes to the temporary files are monitored and the user is asked
if they want to save the changes back to the database (fixes #3130).

KeePassXC does not keep a lock on any of the temporary files, resolving
long-standing issues with applications such as Adobe Acrobat on Windows
(fixes #5950, fixes #5839).

Internally, attachments are copied less. The EntryAttachmentsWidget
now only references EntryAttachments instead of owning a separate copy
(which used to not be cleared properly under certain circumstances).
2021-08-22 17:09:21 -04:00
Janek Bevendorff
9d2e066aca Clean up various parts of the UI and rearrange settings
- Unify widget layouts and margins
- Fix tab order on a bunch of widgets
- Fix broken entry/group edit form layout and replace with grid layout
- Rearrange some settings for better logical grouping
- Fix some settings checkboxes not being enabled/disabled on load
- Fix "General" settings tab scrolling
- Rename "Root" group to "Passwords"
- Update demo.kdbx accordingly and redownload favicons
- Change entry path display to use slash separators
- Reduce Medium and Large icon sizes slightly
2020-05-30 10:45:00 +02:00
Janek Bevendorff
4de99cfe8e
Extract highest resolution from downloaded ICO files 2020-05-29 10:00:32 -04:00
Wolfram Rösler
3c19fdd193 Reports: Add "Known Bad" flag for entries
* Fixes #4168

* Introduce a custom data element stored with an entry to indicate that it is a "Known Bad" entry. This flag causes database reports to skip these entries.
* The current number of known bad entries is displayed in the statistics report.
* Add context menu to reports to easily exclude entries.
2020-05-08 20:51:11 -04:00
Wolfram Rösler
83ed9a8d4e
Check passwords against the HIBP online service (#4438)
* Fixes #1083

* Add online HIBP checker dialog to the database reports widget. Permission is requested from the user prior to performing any network operations. 
* The number of times a password has been found in a breach is shown to the user.
* If no passwords are breached then a positive message is presented.

* Source of HIBP icon: https://github.com/simple-icons/simple-icons/blob/develop/icons/haveibeenpwned.svg

Authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
Co-authored-by: Jonathan White <support@dmapps.us>
2020-03-29 09:39:06 -04:00
Wolfram Rösler
a81c6469a8 Implement Password Health Report
Introduce a password health check to the application that evaluates every entry in a database. Entries that fail  various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports  widget. Recycled entries are excluded from the results.

We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database.

Tests include passwords that are expired, re-used, and weak.

* Closes #551

* Move zxcvbn usage to a centralized class (PasswordHealth)  and replace its usages across the application to ensure standardized interpretation of entropy calculations.

* Add new icons for the database reports view

* Updated the demo database to show off the reports
2020-02-01 09:30:12 -05:00
Wolfram Rösler
4a3cfab146 Add demo kdbx file (password is secret) (#3294)
* Add demo kdbx file (password is `secret`)

The demo.kdbx password safe contains a number of realistically looking
but imaginary accounts for popular web services (Amazon, eBay, Google,
etc.) The owner's name is supposed to be John Doe, his e-mail address
is john.doe@example.com.

The intended use of this file is:

* To try out features (like the upcoming Paper Backup, #3277) without
using one's own database.
* To have a more-or-less realistic database file. The other kdbx files
in the tests/data directory all have some peculiarity or another.
* To have a password database from which one can take screenshots in
order to demonstrate bugs or new features. So, the recommendation
"don't include screen shots of your database" can be changed to
"include screen shots of the demo database".
* To have something you can mess around with without being afraid to
mess up your own database. If you mess up too bad, use git to revert
your changes.

The location of the demo database is `tests/data/demo.kdbx`. The
password is `secret`.

So far, the demo database is in the source tree only, to be used
by developers. Someone else may decide whether it could be placed in the
distribution, or maybe even made available for download from the KeePassXC
web site so that new users have something to play around with.

* Add more sophistication to the demo database

Add a second group that contais more sophisticated items:
Attachments, attributes, notes, expiration.

Note that the "ssh key" is completely imaginary and cannot
be used for anything realistic. For example, the public and
private keys don't fit together, the pass phrase and finger
print don't match, etc. It's just for demo purposes, like
anything in this file.
2019-06-30 11:07:59 -04:00