Saved passwords: option for timeout/forget during session Topic is solved

Talk about code development, features, specific bugs, enhancements, patches, and similar things.
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.

This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.

Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
User avatar
chw9999
Newbie
Newbie
Posts: 3
Joined: 2020-04-04, 18:29

Saved passwords: option for timeout/forget during session

Unread post by chw9999 » 2022-01-18, 16:34

Hi, my Pale Moon sessions tend to stretch (thanks for stability of PM!), with lots of tabs open. During such sessions, I use "Saved Passwords" for quite some sites. Once I submitted my master password during a session, the passwords service will be available all the time until I close and reopen Pale Moon.

Would it be possible to "forget" the Master Password (rather "forget that I typed it in some time ago") after a while, say 10min / 1 h / whatever, or on a defined well-placed button click? Or maybe deletion of a certain file in the profile folder?

However, I might just being paranoid about having the password service available all the time... "Automatically fill in" is disabled, btw! :)

Thanks in advance!

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 32007
Joined: 2011-08-28, 17:27
Location: Tranås, SE
Contact:

Re: Saved passwords: option for timeout/forget during session

Unread post by Moonchild » 2022-01-18, 20:56

By design, the master password unlocks the database for the entire session. The security it offers is for local access only and does not in any way compromise your on-line security by being unlocked. Not auto-filling credentials is the correct security measure here; the password/formfill routine and API is not accessible by web content.
If you are concerned about local access to your browser in an opened state then you should make a point to close the browser when you leave the computer, i.e. use computer security best practice.

EDIT: it was pointed out to me that an extension exists to manage the password credentials (including clearing the master password on demand):
https://addons.palemoon.org/addon/passw ... ager-menu/
"You will observe with concern how long a useful truth may be known and exist before it is generally received and practiced on." -- Benjamin Franklin
"Compromise and collaboration lie at the heart of all great endeavours" -- Kassandra
Image

User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 3918
Joined: 2015-12-09, 15:45
Contact:

Re: Saved passwords: option for timeout/forget during session

Unread post by moonbat » 2022-01-19, 00:27

Use Master Password+ and in future, look at the addons site or CAA before suggesting new features. This browser isn't total shit like Chrome, current Firefox or their derivatives with just lame web extensions that can't do much beyond modifying webpages and as a result new features end up having to be implemented only by the browser developers, adding to bloat because not everyone needs all those features.

For every brilliant idea or unique workflow requirement you have, chances are high someone has long since thought of it and made an extension for it.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
Linux Mint 20.1 Xfce x64 on HP i5-5200 laptop, 12 GB RAM.
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX

Post Reply