Mask password #190
Mask password #190
Conversation
|
Perhaps advanced mode could have a warning box near it that says "your server password is potentially displayed while on this screen" or similar |
There was a problem hiding this comment.
The passwords are also visible in the server list, so those should be redacted too. I don't think that they should be controlled by the same hide/show button as the password input, though, maybe clicking on each of them would show/hide that single unredacted URL.
Hovering over the folder icon in the install combobox also displays the full URL, though, as I understand it, the purpose of this PR is to ensure the credentials aren't leaked through screenshots or someone looking at your screen, so those are probably fine to remain unredacted.
As for the advanced mode, a note could work, but imo it's pretty clear that there's going to be a plaintext password in there already. The advanced mode is also only meant as a backup, just in case there's somehow some field that the simple mode doesn't support, which shouldn't be the case.
|
The new commits do address the code comments, but the point about the password in existing remote installs listed still stands. |
Mask password in Server Connections. Password is masked by default, with a button to show the password. This is only in the basic mode, im not sure if there would be a way to just mask the password in the connection string for the advanced mode