Replies: 1 comment 6 replies
-
Thanks for the ideas (and also thank you for sponsoring!) It's probably going to be best to split these up into separate issues, but I'll address each one individually first:
Can you give an example of a site where this happens? Min should check for this already; I'm not sure why it wouldn't be working.
This seems like a fairly complex solution that a lot of people would have difficulty using; I'm not sure it makes sense to put this in the main UI. But I wonder if you could write a userscript that runs in that page and fills in the DB name, etc.
You wouldn't actually have to run the userscript at the same time as autofill; you could just run it on page load, or have it run on the same keyboard shortcut as autofill (cmd+\)
This is a good idea. I think there's an issue for this somewhere, but I can't remember. What we'd most likely want to do is implement the existing greasemonkey api: https://wiki.greasespot.net/Greasemonkey_Manual%3aAPI, so that scripts from that extension can be ported (and we already support a subset of their syntax). Also, you can already get the current page URL from within the userscript using I read over the extension background document briefly, and while I haven't read it in detail, I'm not sure I understand what additional protection it offers. Given that the master password, salt, and secret are all stored in the same place, combining them together and using that to retrieve a password doesn't seem to be any different from just using the master password. (Although it could make a difference if the user chooses a very weak master password. Most password managers currently just assume that won't happen). If you're looking for a set of password length/character requirements, this will probably be useful: https://github.com/apple/password-manager-resources I don't think this work would apply directly to Min because 1) we don't support Chrome extensions, and 2) we use the operating system keychain for password storage, so there's limited room to implement our own storage format. But I suppose we could offer some kind of password generation tool in the future. |
Beta Was this translation helpful? Give feedback.
-
Idea
Autofill
Very often Min has asked me to save the password, even if I have only logged in with the built-in password manager. It should be easy to prevent the "save password" overlay in this case.see comment belowComplex Login forms
It's not possible to fill complex login forms like this:

Solution1
Additional key/value Collection for each site/password, where key is the HTML DOM querySelector (or fallback the elementId) of the input field and the value is the string that should be filled in.
Solution2
Provide an additional userScript textarea for each site/password, which is executed after the username/password has been set.
Maybe it's possible to add an "Autologin" checkbox, which submits the form nearby the password field.
allow UserScripts to call
Min
functions (ipc)Chrome Extensions have a background script and communicate with message passing:
chrome.runtime.sendMessage Maybe
Min
could provide a JS Object (global) for userscripts to enablemy background
I do not have any experiences with
electron
and only a little knowledge in JS. To learn it a bit I started an experiment POC (google chrome extension) to show, that it's easy to generate any given user/password credentials using PBKDF2 and XOR function (correction bytes)– E@syPe@syP@ss home: https://github.com/blackgwe/easy-peasy-pass
– some background doc (not reviewed) https://github.com/blackgwe/easy-peasy-pass/blob/master/doc/background.md
– There is even a
backup
feature andsharing username/password credentials
(symmetric aes)– the google chrome extension file (extension.crx) is in the main directory of the repo
Beta Was this translation helpful? Give feedback.
All reactions