Would be neat that users get sharing keys on the vaults when the vault is created, maybe giving the admin a tool to select the default key length? Or a menu to let the user choose? Not sure about that part

I think sharing with groups is too complicated and problematic, since we keep everything client side as main passman philosophy. The main issue comes when a user is added or removed from a group, mostly on the adding users to group process, specially if the given user has never used passman before because it wouldn't have vaults with sharing keys which would be a mess.
Too sleepy to express myself correctly, hope the point is clear.

Passman 1 has a bookmarklet. User drags the bookmarklet to the bookmarks toolbar and can add passwords with a simple click.
Things like label and url are prefilled from the current page.

• Add bookmarklet route
• Create bookmarklet page

Passman should be able to export passwords / credentials from the current vault

The following formats will be supported

• CSV

If you're missing an export format, please comment =)

I'm missing a way to rename the vault

Currently the tag list shows all tags.
Would be nice to filter those, with the result of tagFilter.

Users should have the ability to change the vault password.
However all files, custom fields and credentials need to be re-encrypeted.
Not sure what the impacts is of this on sharing, therefore a cc for @animalillo

Show a text message that says which key size is the vault going to have and how to change it once the vault is created

Users should be able to share the password with a link.
Sharing with a link is always read only.
Include the features:

• #6 Share for until a specific date / time
• #5 Share for xx views

Please make default settings for passwords a global setting.

For example password default length 20 instead of 12.

Would be nice if the app is translatable, all NextCloud apps use transifex, so we should use it too.
cc'ing @MorrisJobke Can you help us setting it up?

Passman should be able to import passwords / credentials to the current active vault.

For the following password managers i need demo data to write an importer

• KeePass
• LastPass
• Dashlane 4
• Passman Json
• Passpack
• clipperz.is

If you're missing an password manager, please comment =)

Instead of id's use guid's through the app, less prone to guessing correct id's.
Internal NC will still need the id field for updating things.

Fix after sharing has merged

• Add destroy button
• Add route
• Add backend
• Add Activity log

Warn users about insecurity of decrypting their passwords over an HTTP connection

So i have passman at brantje/passman that's for ownCloud.
Since passman for NextCloud will be complete rewrite, i decided to strart from scratch, with a new repo.

What is Passman

Passman is a password manager for ownCloud.
It will keep your passwords safe (as long you keep your server safe ;) ).
Features:

• Angular frontend
• Rollback (roll a entry back)
• Share password (with specific user / group)
  • Shared password can be viewed
  • Shared password can be edited (if you have access to it)
• Tag passwords
• Password strength check (Checks the strength of your passwords and checks for dupes)
• Custom fields (Add your own encrypted fields)
• OTP (One time password generator), so you can login when your phone battery is dead
• Integrations
  • Activity app
  • Notification app

Todo

• Create foundation for the app [Docs](This will be just an empty app)
• Define API [WIP]
• Build API
• Create frontend
  • Use sjcl for the encryption of passwords (aes 256 bit encryption)
  • Create / edit / delete vault
  • Add password
    • Create / remove / edit custom fields
    • Settings for (eg; google's) OTP
    • Password strength indicator
    • Password generator
  • Edit password
  • Delete password
  • Share password
    • Share read only
    • Share r/w
    • Share for xx views
    • Share until date / time
    • Share for xx minutes
  • Fix style issue's

    Help / idea's needed for

• Password sharing part, i have no clue how to approach this. cc @bes1002t , @BernhardPosselt

I wil keep this issue updated when i get new idea's

When user shares a password with a user / group / link.
He should be able to set the amount of views before the shared password 'expires'.
This means:

• When shared with a user, the credential is not longer visible
• When shared with a group, the credential is not longer visible
• When shared with a link, the credential is not longer available.

The structure of the new app seems to be slightly different than the old having vaults.
It would be good if there would be a dialog to import passwords from the old passman app from owncloud.

In addition, for retrieving passwords in the future, it would be really convenient to have a simple tool that can extract all passwords from the sql database in a standalone way. For instance in case passman becomes incompatible with a future nextcloud version.

As I have been in this situation recently with passman in owncloud, I put together a simple php script (see attachment) that encompasses all the required js code and is able to extract the passwords. I could clean this up a bit and make it use the actual passman js files if you are interested.

owncloud-pw.zip

When user shares a password with a user / group / link.
He should be able to set the date before the shared password 'expires'.
This means:

• When shared with a user, the credential is not longer visible
• When shared with a group, the credential is not longer visible
• When shared with a link, the credential is not longer available.

Idea copied from windows only pw manager ❌

Designate access to all or selected passwords in the event of an emergency.
Access is only granted following a pre-selected period of time.

Enlight this @animalillo

Tabs currently have fixed color

When a user has 3000 password / credential, it takes some time to decrypt a vault.
Until a vault is ready, show a loading spinner.

Change name of Password tool to something like, "Password Audit".

• - Put it on a easyer to find place.
• - Default set minimum password length to the global minimum password length (see other issue).
• - Put in the time to take to crack it with a normal desktop computer.
• - Some grammatical flaws.

Add more colums in the home password screen.
now you need to click on it to see details, but there is plenty of space.

maybe make it setting for hide or not.

For sharing, we need to be able to search for users.

Auto detect urls, and show an open in window icon.

Users should be able to share a password to other users in a read only mode.
In read only mode, the user can only view the password.
This could be configurable per user eg:

User a -> Read only
user b -> Read / write
Group a -> read only
Group b -> read write

Users have the ability to 'expire' passwords at a certain date or a certain interval.
However, the backend structure has not been made yet.

• Add a cron to check for expired passwords
• Show notification for expired passwords
• Clicking on the notification redirects the user to the credential edit page.

Replace $apply() with $digest() where possible on the code to avoid unnecessary global scope updates

Separate issue for discussing sharing.
Was thinking about using this lib: https://github.com/foxwoods/cryptico

Related issues:

• #3 Share password read only
• #4 Share password read + write
• #5 Share for xx views
• #6 Share for until a specific date / time
• #7 Share password with a link

For sharing, we need to be able to search for groups.

Currently when a user tries to login to the vault, the whole vault is requested.
Instead of that add a challenge_password that get's a random encrypted field from a random item.

The users should see the activity on the activity app

Users should be able to share a password to other users in a read + write mode.
In read + write mode, the user can view and edit the password.
This could be configurable per user eg:

User a -> Read only
user b -> Read / write
Group a -> read only
Group b -> read write

In the password Tool clicking on edit at weak password will try to make a new entry

Not working.

Searching with tags is currently broken. Fix after sharing has merged

When a credential is saved, store a copy of the old credential as a revision.

• Add frontend
• Add route
• Add backend
• Add Activity log

Stuff needed for sharing

• Distinguish shared credentials from standard ones
• Distinguish between owned shared credentials and foreign ones
• Convert standard credential to shared credential
• Load pending share requests
• Ask users to import shared credentials on the vault
• Let users know that there are shared credentials waiting for them once they open passman so they go to the vault they prefer them to be
• Use shared credential unique shared key to decypher shared credentials
• Get shared credential shared key
• Store shared credential shared key
• Revisions sstuff
• Files
• API to update shared credentials
• Don't forget to check for edit permission server side.
• Set a way to change users permissions without restarting the whole sharing process
• Set a way to add users without regenerating sharing keys and bugging all users with a new share request
• Convert shared credential to standard credential
• Add activity's (@brantje)

Create a password strength 'scanner' which loops over the vault's credentials, showing weak passwords.

Check if we can replace the file-select directive with: https://github.com/danialfarid/ng-file-upload

Please make a global option to always generate random passwords.

Why?
Because every new entry should be random (more secure).