Re: password.el: A minor mode to hide sensitive information (passwords) using overlays.

Re: password.el: A minor mode to hide sensitive information (passwords) using overlays.

[Michael Albinus]

Jürgen Hötzel <juergen@archlinux.org> writes:

Hi Jürgen,

> But there may be situation when you have to deal with passwords in
> plain text files.
>
> Example Usage:
>
> (require 'password-mode)
> (add-hook 'text-mode-hook 'password-mode)
>
> Source Repository:
>
> https://github.com/juergenhoetzel/password-mode

Nice package. I've tried it with my own ~/.authinfo.gpg file;
unfortunately it doesn't work out of the box due to limitations in
`password-mode-prefix-regex':

- You require a trailing ":" after any string of
  `password-mode-words'. Maybe you could make this optional.

- You allow only alpha numerical characters for passwords. I use also
  special characters like "@" in my passwords, which are not hidden. The
  password regexp could be more general (or customizable).

> Jürgen

Best regards, Michael.

Re: password.el: A minor mode to hide sensitive information (passwords) using overlays.

[Jürgen Hötzel]

Hi Michael,

thanks a lot for you feedback!

2012/11/20 Michael Albinus <michael.albinus@gmx.de>:
> Jürgen Hötzel <juergen@archlinux.org> writes:
>
>
> Nice package. I've tried it with my own ~/.authinfo.gpg file;
> unfortunately it doesn't work out of the box due to limitations in
> `password-mode-prefix-regex':
>
> - You require a trailing ":" after any string of
>   `password-mode-words'. Maybe you could make this optional.

I introduced a new custom variable password-mode-password-prefix-regexs:
So you can change this.

> - You allow only alpha numerical characters for passwords. I use also
>   special characters like "@" in my passwords, which are not hidden. The
>   password regexp could be more general (or customizable).

Good catch. I now use [:graph:] as default and also made it customizable via
password-mode-password-regex.

Documentation update:

https://github.com/juergenhoetzel/password-mode/blob/master/README.md

Jürgen

Re: password.el: A minor mode to hide sensitive information (passwords) using overlays.

[Michael Albinus]

Jürgen Hötzel <juergen@archlinux.org> writes:

> Hi Michael,

Hi Jürgen,

> I introduced a new custom variable password-mode-password-prefix-regexs:
> So you can change this.

That looks much better now. Maybe you could polish a little bit the
default. I would make the colon optional, then .netrc or .authinfo files
are supported out of the box. And maybe you shall allow any space class
characters after the prefix. My proposal for a default value would be

  '("Password:?[[:space:]]+" "Passwort:?[[:space:]]+")

You might also mention in the docstring of that custom option, that the
regexps must not contain parentheses for grouping, otherwise your match
wouldn't work. Shy groups are OK.

Another minor annoyance is, that your code is activated only in case of
*inserting* a character. I have no simple solution at hand, because
there isn't a hook when deleting a character. Maybe you could remap keys
<delete-char> and <backspace> for the password string region, but I
don't know whether this covers all use cases.

Delete/undo is also problematic, because you don't know first hand which
password to enter as confirmation.

An alternative approach could be to mark the region which contains the
password with the `read-only' property and catch the `text-read-only'
error, which is raised when somebody tries to modify this region. In the
error handler, you could call your password change mechanery.

> Jürgen

Best regards, Michael.

Re: password.el: A minor mode to hide sensitive information (passwords) using overlays.

[Jürgen Hötzel]

Hi Michael,

2012/11/21 Michael Albinus <michael.albinus@gmx.de>:
> Jürgen Hötzel <juergen@archlinux.org> writes:
>
>> Hi Michael,
>
> Hi Jürgen,
>
>> I introduced a new custom variable password-mode-password-prefix-regexs:
>> So you can change this.
>
> That looks much better now. Maybe you could polish a little bit the
> default. I would make the colon optional, then .netrc or .authinfo files
> are supported out of the box. And maybe you shall allow any space class
> characters after the prefix. My proposal for a default value would be
>
>   '("Password:?[[:space:]]+" "Passwort:?[[:space:]]+")

Thanks. That makes sense: Done.

> You might also mention in the docstring of that custom option, that the
> regexps must not contain parentheses for grouping, otherwise your match
> wouldn't work. Shy groups are OK.

Thanks. Also done.
> Another minor annoyance is, that your code is activated only in case of
> *inserting* a character. I have no simple solution at hand, because
> there isn't a hook when deleting a character. Maybe you could remap keys
> <delete-char> and <backspace> for the password string region, but I
> don't know whether this covers all use cases.
>
> Delete/undo is also problematic, because you don't know first hand which
> password to enter as confirmation.
>
> An alternative approach could be to mark the region which contains the
> password with the `read-only' property and catch the `text-read-only'
> error, which is raised when somebody tries to modify this region. In the
> error handler, you could call your password change mechanery.


Yes, there is no easy solution. I implemented it using the overlay insert hook,
because i can easily distinguish my overlays from other overlays and
don't wanted
to fiddle with user key bindings which may be already customized.

I did not knew about the 'read-only'  option: Thanks. I will check it out!

Jürgen