Comments (10)
Can you specify which OS and app version you are using?
from electronmail.
app version 0.3.2 (but its the same for previous versions)
OS Win 7 Enterprise x64 SP1 - all security updates installed
from electronmail.
Can you try this version https://www.dropbox.com/s/fquubq186t9ldqn/protonmail-desktop-app-0.4.0-windows-nsis-installer.exe?dl=0? A basic workaround has been applied.
from electronmail.
Also in case of facing this issue, can you run rundll32.exe keymgr.dll,KRShowKeyMgr
in console (or running win+r, it opens Credential Vault) and locate there protonmail-desktop-app/master-password
record?
from electronmail.
Running version 0.4.0 now. For now master password record is there if I run that command and auto login works. Give me a week to test it. I'm not exactly sure after how many days the problem appeared before, but I think it was not more than 7 days. So we will see.
from electronmail.
There is no option to specify expiration doing password record saving into the vault, so I guess system removes it automatically from the Credential Vault based on some criteria which is unclear so far. Workaround simply re saves password into the vault each time when auto login is happening.
from electronmail.
I found the issue. I thought before its just saved in some config file for protonmail-desktop-app and not directly in the system passwords and I'm autocleaning that regularly, so that was why it was gone after some time. Maybe better to save that just in some encrypted config file created just for this app and not directly in the system?
from electronmail.
Saving something encrypted means that it will need to be decrypted then. Automatic decryption means that encryption key will need to be saved somewhere as user is not asked to enter it. For example encryption key can be a hash generated based on the hardware devices serial numbers (such as HDD serial number, or CPU), but getting such kind of system information would most likely require admin access rights and would complicate things in general.
So node-keytar is used to save the master password in system's keychain. Saving password in system's keychain is not really secure by the way atom/node-keytar#88. That's a reason why there is a red warning with a security weakness message shown near the password saving checkbox. So password saving option is supposed to be used only if you understand the risk.
from electronmail.
I understand this. I thought maybe some password decryption based on USB flash drive with some key file or something like that.
from electronmail.
password decryption based on USB flash drive
That should not be a problem to implement this, but it's not in the agenda so far.
It would be great if a system keychain would allow to interact with the specific password record to only app that created that record, for example based on the app path and it's hash sum, but it's not like that.
from electronmail.
Related Issues (20)
- Will the development of electronmail continue, despite the upcoming official proton desktop client ? HOT 1
- ElectronMail window flickers on Windows 11 HOT 3
- Messages are no longer displayed HOT 1
- Android version of the application HOT 1
- Tor does not protect our IP address and is revealed with a webRTC leak HOT 10
- The app refuses to save more than one "proton-session" cookies records set HOT 3
- Maybe this is outside of the scope, but ability to access new web app of Proton Pass? HOT 1
- Can't open web links from e-mails in default browser HOT 8
- Windows 7 CRACK for v. 5.2.2 HOT 4
- [Bug] Drive: unable to download files that ask for location before download (large files) HOT 4
- problem with loading font in system dialogs HOT 3
- [FR] Use NativeMessaging for KeePassXC integration
- I am confused on how to do the code for recovering my proton mail password HOT 21
- Proton Mail has received official Windows client HOT 3
- Calendar side bar, no network connection HOT 1
- @taivlam for the mpr PKGBUILD HOT 2
- [Feature Request] Add Touch ID Support to MacOS App
- Minimize with ⌘+M on MacOS
- Automatically open with PC/login HOT 1
- Project development HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from electronmail.