Feature Request: Type Random String To Unlock #33

Open
starryhi opened this issue Jul 28, 2021 · 6 comments
Labels
feature request new feature

Comments

@starryhi

Currently, a password can be used to protect the settings. This is a good idea, as it can help prevent users like me from disabling the extension. However, users can also set really short passwords, or when setting a very long password users may forget the password.

One solution is to have an option where, in order to access the settings, the user must retype a long string of random letters and numbers. The number of key presses can also be tracked on the page to make sure the user doesn't copy-paste the string. The string length can be set by the user and the string is refreshed every time the user wants to access the settings.
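
Added example (not part of the issue or the extension's code): a sketch of the challenge proposed above, with a fresh random string per attempt and a key-press count that rejects pasted or dropped input. The names `randomChallenge` and `TypingChallenge` are hypothetical, and the `require` fallback is only there so the sketch also runs under Node.

```javascript
// Hypothetical sketch of the proposed "type a random string" challenge.
// Web Crypto in the browser; fallback so the sketch also runs under Node.
const rng = globalThis.crypto ?? require('node:crypto').webcrypto;
const ALPHABET =
  'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

// Uniform random string. Bytes >= 248 are discarded (rejection sampling)
// because 256 is not a multiple of 62 and a plain modulo would be biased.
function randomChallenge(length) {
  const limit = 256 - (256 % ALPHABET.length);
  let out = '';
  while (out.length < length) {
    for (const b of rng.getRandomValues(new Uint8Array(length))) {
      if (b < limit && out.length < length) out += ALPHABET[b % ALPHABET.length];
    }
  }
  return out;
}

class TypingChallenge {
  constructor(length) {
    this.expected = randomChallenge(length); // new string for every attempt
    this.keyPresses = 0;
    this.pasted = false;
    this.used = false;
  }

  // Wire to the input's 'keydown' event, passing event.key.
  // Printable keys have a one-character key value; Shift, Backspace
  // and other named keys are longer and are not counted.
  onKeyDown(key) {
    if (key.length === 1) this.keyPresses += 1;
  }

  // Wire to the input's 'paste' event.
  onPaste() {
    this.pasted = true;
  }

  // Single use: after any attempt the caller must issue a new challenge.
  // The key-press floor also rejects text that arrived without typing
  // and without a paste event (drag-and-drop, autofill).
  verify(typed) {
    if (this.used) return false;
    this.used = true;
    return !this.pasted &&
      typed === this.expected &&
      this.keyPresses >= this.expected.length;
  }
}
```

The check runs entirely in the page, so it adds friction against impulsive changes and is not an access control.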

@AXeL-dev
Owner

AXeL-dev commented Jul 28, 2021

Hey @BaconErie,

I don't know if this is a good idea, since anyone can come & retype the password/string to be able to bypass the password protection. I think that having a mandatory secret question + response would be a better approach to solve this issue.

> Currently, a password can be used to protect the settings. This is a good idea, as it can help prevent users like me from disabling the extension.

In fact that's wrong, anyone can disable the extension if he has access to the browser extensions list page; the password only protects access to the extension panel/settings.

Related to #27.

@starryhi
Author

Hello,

Thank you for your reply! I understand your idea and your post, however, I think I should clarify my suggestion.

My intent for this feature is to prevent impulsive changing of the settings, not to prevent unauthorized users from changing settings. The feature is supposed to be viewed by anyone; however, because retyping the string takes time and is tedious, it can deter users from impulsively disabling blocking.

This new feature works similarly to the "Require Challenge" feature on StayFocusd, an extension on Chrome. If the Require Challenge is enabled, in order to change the extension settings you must retype a very long phrase/paragraph correctly. The phrase is shown to the user; however, the challenge is the time it takes to retype the long phrase.

> In fact that's wrong, anyone can disable the extension if he has access to the browser extensions list page.

I understand, I meant the extension settings.

Sorry for any confusion my first post may have caused!

@AXeL-dev
Owner

Hi,

It's okay, so if I understand well, when a user hits the "save" settings button for example, we have to add like a "challenge" that the user has to validate before being able to save/change the settings?

If so, yeah this could be a good idea.

@starryhi
Author

starryhi commented Jul 29, 2021

Yes, that's correct. The challenge would probably be a long phrase or it would be a random string (e.g. j2AbzXmYDYMMtlVOyrq5pinYAtVm545E).

@AXeL-dev
Owner

AXeL-dev commented Jul 29, 2021

Yes, still I think that what I just proposed (challenging the user on save button click) would only work for the settings page & not for the panel, since you said that you also want to challenge the user when he wants to change the extension status/disable it from the panel.

So yeah, I think the panel part needs another approach 🤔, & by the way when I say panel I mean the first little popup that shows once you click on the extension icon. I'm not against what you first proposed: "having to type a string in addition to the password", still I'm not sure if this is very user friendly or not. Maybe the better solution here is to make that optional, so if you as a user for example want this feature, you enable it first, then you'll have to type the "long challenge string" in addition to the password to be able to change the settings.

What do you think, does that look good to you or am I maybe missing something?

Also, we can implement different challenge types, like:

  • long string challenge
  • question/answer challenge
  • 2FA challenge as well maybe
  • ...

@AXeL-dev AXeL-dev added the feature request new feature label Jul 29, 2021
@starryhi
Author

Yes, I think that would work! And definitely make it optional.

You could also have the user enter a long paragraph/phrase with a minimum number of characters (e.g. 400) and have the user retype the phrase if the option is enabled.
