StrokesPlus Forum
                       
StrokesPlus Forum
Home | Profile | Register | Active Topics
Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Feature Updates
 Requests
 about setting password
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

zqxathz

4 Posts

Posted - 06/07/2014 :  23:58:14  Show Profile  Reply with Quote
this version request to input password when starting, if S+ have a password.
when we have set a password,can the next version have not request input password when starting,but if go to the setting window ,is request to input password?

thx so cool the software

Rob

USA
2605 Posts

Posted - 06/08/2014 :  00:03:47  Show Profile  Visit Rob's Homepage  Reply with Quote
The reason I chose to prompt for password on start up is because any actions with sensitive information like scripting out password, someone could still use the actions.

Additionally, S+ encrypts the settings file, so without the password, S+ cannot decrypt it to load your settings :)

I know it can be a little annoying, but its in the best interest of security. I will think about it some, maybe offer some kind of option for less security.
Go to Top of Page

zqxathz

4 Posts

Posted - 06/08/2014 :  00:38:15  Show Profile  Reply with Quote
thanks for you ,wish S+ give we more options for security,let it to easy to use.
Go to Top of Page

Strokeman

33 Posts

Posted - 06/13/2014 :  13:34:30  Show Profile  Reply with Quote
Yes password just for settings sounds defeating the purpose.
Rob can you tell more on how S+ encrypts and decrypts the set password? which encryption is used? Everything happens in RAM or the XML/settings file is left on drive plain as such , while S+ is active?
was thinking to use actions to log into some "Regular"sites and surely for anyone storing passwords in actions wud be bit worrying (esp. when S+ is still not open source)
Thanks

P.s. saying above, i have no issue with u not making it open source(i know u have plans) as its your work and ur baby. You are doing quite enough already with this freeware and regular support. :)
Go to Top of Page

Rob

USA
2605 Posts

Posted - 06/16/2014 :  11:04:58  Show Profile  Visit Rob's Homepage  Reply with Quote
First of all, it's not using any particularly fancy or super strong encryption, so I don't recommend storing highly confidential or sensitive information inside; this was intended to be a simple form of basic protection from an average person who sat down at your computer and could easily open the Settings and see login details.

When S+ starts, it attempts to parse the XML file, if it fails to successfully parse, it prompts for a password, then attempts to decrypt the contents using the password. If successful, it decrypts the file, loads the settings into RAM, then re-encrypts. So the XML file is only ever in a decrypted state very briefly.

The file is otherwise never in a plain text form.
Go to Top of Page

Strokeman

33 Posts

Posted - 06/28/2014 :  18:15:54  Show Profile  Reply with Quote
thanks for detailing rob, though i dont find much use of password feature, as someone using it to store login details(esp passwords) should logically not be doing it in absence of good encryption

Anyway, i understand that you just tried to add some very basic addon of password feature and ofcourse s+ is not some password storing privacy software or sort of.

I use keepass and i am trying to see whether i can do some automation of it with S+ , while interacting with various websites needing logins
Thanks
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
StrokesPlus Forum © 2011-2018 Rob Yapchanyk Go To Top Of Page
Snitz Forums 2000