Skip to content

encode pass entries #125

New issue
New issue
Open
Open
encode pass entries#125
Labels
enhancement
@Eoksni

Description

@Eoksni
Eoksni
opened on Nov 25, 2019

For logged in user:

  • User enters password (it is never sent to the server).
  • Browser generates key based on that password.
  • Browser encodes pass entries using that key before sending them to the server
  • It also decodes pass entries received from the server using same key
  • The key can be stored in the local storage
  • The login password should be encoded as well, but is it safe to encode original password with that key? Alternative is to split original password into two parts, first part is used to generate key and second part is encoded using that key and then used as login password

For guests:

  • Hm, nothing is changed here

For signup:

  • Login password should be generated as above

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancement

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions