's blocking of copy-paste makes people unsafe.

It basically means people cannot use password managers for their GnuPG key passwords. The alternatives for most users are:
- use a shitty password (perhaps re-using it);
- use a key without a password.

The person who came up with this idiotic idea should get drawn and quartered.

is this enigmail failing or the default gnupg gtk/qt password input prompt. I think it did block copy/paste...

@rysiek how about using password managers that support autotype? copy-pasting passwords into clipboard exposes it to all applications you know, because clipboard is public.

@hj KeePassX supports auto-type. Not a solution at all, because:

1. if the focus changes (notification from an IM app, etc), password gets sent somewhere else than the form;
2. by default focus in Enigmail's pinentry is on the "Cancel" button; Autotype adds an "Enter" at the end. So the password gets typed in and then promptly discarded with a Cancel.

Unusable.

@rysiek KeePassX is dead. Use KeePassXC instead, it also has a browser integration.

1) you can have a global hotkey that performs autotype based on active window title, so you don't have to change focus.
1.1) use focus stealing prevention if your window manager allows.
1.2) use browser integration if possible
2) autotype can be customized to not to include enter at the end of the sequence. You can tell it to send any keystrokes, really, and it's set per-entry. That's supported even in KeePassX.
Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!