Password Masker
Posted: 04 Aug 2024, 17:04
Oberhesse wrote
The Password Masker plugin makes it difficult to read passwords.
Currently this problem exists:
When password entries are defined in configuration lists, they are initially correctly masked with * characters in the overview.
However, if a configuration entry is selected, the password is visible again (unmasked).
When editing with the virtual keyboard (Virtualkeyboard) it is also unmasked.
Even for inexperienced users it is therefore possible to read the passwords from the configurations without any problems.
The Password Masker plugin offers the following functions to prevent the readout:
Passwords in configuration lists remain masked when selected
Passwords are masked in the virtual keyboard
Masking can be deactivated for new password entries
If the 3rd option is used and an existing password is to be changed, there is the trick to delete the existing password first. The next edit in the virtual keyboard is then considered as a new entry and the password can be entered unmasked.
Attention: The protection by this plugin is limited, because it only prevents the reading via the configuration menus. Passwords can still be read out from the configuration by experienced users with little effort if they were stored there unencrypted.
By the way, the masking problem mentioned above is not VTi-specific, but can also be reproduced with other images (OATV, Dream). As soon as the beta phase is finished, I will release the plugin as a multi-image capable solution.
Many thanks to @ WeFraJo for testing and the tips.
This is a beta version. Please report back errors.
Support Thread:
https://vuplus-support.org/wbb…ostID=22 ... ost2225086
my contribute
thx Lululla
The Password Masker plugin makes it difficult to read passwords.
Currently this problem exists:
When password entries are defined in configuration lists, they are initially correctly masked with * characters in the overview.
However, if a configuration entry is selected, the password is visible again (unmasked).
When editing with the virtual keyboard (Virtualkeyboard) it is also unmasked.
Even for inexperienced users it is therefore possible to read the passwords from the configurations without any problems.
The Password Masker plugin offers the following functions to prevent the readout:
Passwords in configuration lists remain masked when selected
Passwords are masked in the virtual keyboard
Masking can be deactivated for new password entries
If the 3rd option is used and an existing password is to be changed, there is the trick to delete the existing password first. The next edit in the virtual keyboard is then considered as a new entry and the password can be entered unmasked.
Attention: The protection by this plugin is limited, because it only prevents the reading via the configuration menus. Passwords can still be read out from the configuration by experienced users with little effort if they were stored there unencrypted.
By the way, the masking problem mentioned above is not VTi-specific, but can also be reproduced with other images (OATV, Dream). As soon as the beta phase is finished, I will release the plugin as a multi-image capable solution.
Many thanks to @ WeFraJo for testing and the tips.
This is a beta version. Please report back errors.
Support Thread:
https://vuplus-support.org/wbb…ostID=22 ... ost2225086
my contribute
thx Lululla