Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lncli should ask to repeat passphrase #1507

Closed
abrkn opened this issue Jul 6, 2018 · 6 comments · Fixed by #3303
Closed

lncli should ask to repeat passphrase #1507

abrkn opened this issue Jul 6, 2018 · 6 comments · Fixed by #3303
Labels
beginner Issues suitable for new developers cli Related to the command line interface good first issue Issues suitable for first time contributors to LND P3 might get fixed, nice to have

Comments

@abrkn
Copy link

abrkn commented Jul 6, 2018
edited
Loading

Background

lncli should ask to repeat passphrase for improved user experience/security

Your environment

lnd version 0.4.2-beta commit=a0b2fadea35fa4642daf4e9f56e6ecfe31d22ce1

Steps to reproduce

lncli create

Use existing seed. Add passphrase.

Expected behaviour

Should ask to repeat passphrase

Actual behaviour

Only asks once.
@Roasbeef
Copy link
Member

Roasbeef commented Jul 6, 2018

bip38

We don't use bip38.

@Roasbeef Roasbeef added beginner Issues suitable for new developers good first issue Issues suitable for first time contributors to LND cli Related to the command line interface P3 might get fixed, nice to have labels Jul 7, 2018
@abrkn
Copy link
Author

abrkn commented Jul 11, 2018

We don't use bip38.

Updated to reflect that

This was referenced Jul 11, 2018
Closed
Closed
@cbarraford
Copy link

I've created a PR for this issue, #1540

@carlaKC
Copy link
Collaborator

carlaKC commented Jul 9, 2019

Going to pick this up since it seems like the existing PRs have stalled?

Just wondering about UX for this change, in terms of how many times a user should be allowed to re-attempt their password if they get it wrong, and whether to start from scratch with a new password if they fail to match their original entry.

Something like this, allowing the use to go through this flow twice then terminate because you don't want people to get confused over which password they've entered?

  1. Enter Password: 

  2. Repeat password: does not match

  3. Repeat attempt 2: does not match

@cfromknecht
Copy link
Contributor

Use existing seed. Add passphrase.

@abrkn if you have an existing seed, it already has a passphrase. you're only entering it to decrypt the seed.

@wpaulino
Copy link
Contributor

wpaulino commented Jul 9, 2019

Just wondering about UX for this change, in terms of how many times a user should be allowed to re-attempt their password if they get it wrong, and whether to start from scratch with a new password if they fail to match their original entry.

@carlaKC to me the best approach seems like prompting the user in an infinite loop for the password if the confirmation doesn't match, though there may be differing opinions. So something like:

  1. Enter password:
  2. Repeat password: does not match
  3. Enter password:

I believe this would match the behavior of creating new users in a UNIX system.

@carlaKC carlaKC mentioned this issue Jul 11, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
beginner Issues suitable for new developers cli Related to the command line interface good first issue Issues suitable for first time contributors to LND P3 might get fixed, nice to have
Projects
None yet
Milestone
No milestone
6 participants
@cbarraford @abrkn @Roasbeef @cfromknecht @wpaulino @carlaKC