Commit Graph

2 Commits

Author SHA1 Message Date
Wolfram Rösler
a81c6469a8 Implement Password Health Report
Introduce a password health check to the application that evaluates every entry in a database. Entries that fail  various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports  widget. Recycled entries are excluded from the results.

We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database.

Tests include passwords that are expired, re-used, and weak.

* Closes #551

* Move zxcvbn usage to a centralized class (PasswordHealth)  and replace its usages across the application to ensure standardized interpretation of entropy calculations.

* Add new icons for the database reports view

* Updated the demo database to show off the reports
2020-02-01 09:30:12 -05:00
Wolfram Rösler
4a3cfab146 Add demo kdbx file (password is secret) (#3294)
* Add demo kdbx file (password is `secret`)

The demo.kdbx password safe contains a number of realistically looking
but imaginary accounts for popular web services (Amazon, eBay, Google,
etc.) The owner's name is supposed to be John Doe, his e-mail address
is john.doe@example.com.

The intended use of this file is:

* To try out features (like the upcoming Paper Backup, #3277) without
using one's own database.
* To have a more-or-less realistic database file. The other kdbx files
in the tests/data directory all have some peculiarity or another.
* To have a password database from which one can take screenshots in
order to demonstrate bugs or new features. So, the recommendation
"don't include screen shots of your database" can be changed to
"include screen shots of the demo database".
* To have something you can mess around with without being afraid to
mess up your own database. If you mess up too bad, use git to revert
your changes.

The location of the demo database is `tests/data/demo.kdbx`. The
password is `secret`.

So far, the demo database is in the source tree only, to be used
by developers. Someone else may decide whether it could be placed in the
distribution, or maybe even made available for download from the KeePassXC
web site so that new users have something to play around with.

* Add more sophistication to the demo database

Add a second group that contais more sophisticated items:
Attachments, attributes, notes, expiration.

Note that the "ssh key" is completely imaginary and cannot
be used for anything realistic. For example, the public and
private keys don't fit together, the pass phrase and finger
print don't match, etc. It's just for demo purposes, like
anything in this file.
2019-06-30 11:07:59 -04:00