Skip to content

feat(login): Clear login form (password) after IDLE timeout#44438

Merged
susnux merged 2 commits intomasterfrom
feat/login-form-timeout
Mar 25, 2024
Merged

feat(login): Clear login form (password) after IDLE timeout#44438
susnux merged 2 commits intomasterfrom
feat/login-form-timeout

Conversation

@susnux
Copy link
Contributor

@susnux susnux commented Mar 23, 2024
edited
Loading

Summary

For security reasons it is recommended to stop the login process at a defined time, this could prevent password leaks by e.g. user forgetting that they entered their password on public devices.

Enforced e.g. by the BSI ORP.4.A13 rule.

(I would really like to provide a screencast but currently I am under wayland and pipewire segfaults when recording...)

Checklist

@susnux susnux added this to the Nextcloud 29 milestone Mar 23, 2024
@susnux susnux force-pushed the feat/login-form-timeout branch 2 times, most recently from 4a38ea6 to 6ceecfa Compare March 23, 2024 14:03
@susnux susnux force-pushed the feat/login-form-timeout branch from 6ceecfa to fb53411 Compare March 23, 2024 17:33
@Altahrim Altahrim mentioned this pull request Mar 25, 2024
Merged
@ChristophWurst ChristophWurst added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Mar 25, 2024
@susnux
feat(login): Clear login form (password) after IDLE timeout
3fede00 
For security reasons it is recommended to stop the login process at a defined time,
this could prevent password leaks by e.g. user forgetting that they entered their password on public devices.

Enforced e.g. by the BSI ORP.4.A13 rule.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
@susnux
chore: Compile assets
d224914 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
@susnux susnux force-pushed the feat/login-form-timeout branch from fb53411 to d224914 Compare March 25, 2024 12:38
@susnux susnux merged commit 7d51b6f into master Mar 25, 2024
@susnux susnux deleted the feat/login-form-timeout branch March 25, 2024 20:03
@github-actions
Copy link
Contributor

github-actions bot commented May 1, 2024

Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.

We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.

Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6

Thank you for contributing to Nextcloud and we hope to hear from you soon!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nfebe nfebe nfebe approved these changes

@skjnldsv skjnldsv skjnldsv approved these changes

@ChristophWurst ChristophWurst Awaiting requested review from ChristophWurst

@Pytal Pytal Awaiting requested review from Pytal

+1 more reviewer

@emoral435 emoral435 emoral435 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

4. to release Ready to be released and/or waiting for tests to finish enhancement feature: authentication feedback-requested security

Projects

None yet

Milestone

Nextcloud 29

Development

Successfully merging this pull request may close these issues.

5 participants

@susnux @nfebe @skjnldsv @emoral435 @ChristophWurst