top | item 45935654

(no title)

kseistrup | 3 months ago

This looks neat.

Is there a way to change the password length? It seems PASSWORD_LENGTH is set to 20 in config.py, but if keepr is installed by the sysadmin, users won't be able to change this.

And about security: Even if the database is encrypted, it would be nice if keepr set the umask to at least 0027 (possibly even 0077) at startup so that everything is only readable by the user.

Cheers.

discuss

bsamarji|3 months ago

You're correct, generated password length is fixed to 20 characters at the moment. I've got a priority task to make user config the next release which will enable the user to configure generated password length, colour scheme and session length. With regards to security, the way the database is encrypted is using your master password on intial setup. I'm not sure if there is a way to make the database readable, even setting it to readable to the user, since the database file itself is encrypted. This is for security purposes, and when I was desinging the app, I had trade-offs to make between security and user experience. Security was a top priority as I hadn't seen another password manager with this level of security before. I have a feature planned to enable export and import of data from the database to .csv/.json, so this might help with user experience. Thanks for the feedback, really appreciated. I hope you enjoy using the app!

kseistrup|3 months ago

Great, thanks! :)

johng|3 months ago

on MacOS at least I was able to use a password that was 9 characters in length. Installed via pipx, not sure if that makes a difference.

kseistrup|3 months ago

Right, I should have been more explicit: Pre-existing passwords can have any length, but the "keepr add -g" command will always generate a password of length 20, and there is no obvious way to change that, save for editing the config.py file -- something that may not always be possible (or desirable).