You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
currently, for the commands that do support pin the PIN is passed by using a commandline argument like solo key verify --pin 0000, but this has 2 main this that are kinda bad:
the PIN can be seen by anyone looking at the screen until the terminal is closed or the pin gets off screen in other ways (shoulder surfing)
many command line interfaces keep a log of the last used commands, some even beyond the "session" of that CLI window, storing the PIN unencrypted on the user's file space
leaving the PIN argument as the only option is in my opinion not pretty as many other commands that work with passwords at least offer the solution of when not specifying a password as parameter (as would most novice users do) to ask for the password is a hidden prompts (in other words no one can see the password while typing and it isnt logged), which is at least in my opinion a by far nicer option. keeping the PIN argument for things like deployment of many keys in a row with randomized credentials or whatever, but having a hidden PIN prompt (as apparently is even a thing in solo key set-pin and solo key change-pin) seems like a much more user friendly option
This discussion was converted from issue #70 on June 18, 2020 07:46.
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
currently, for the commands that do support pin the PIN is passed by using a commandline argument like
solo key verify --pin 0000, but this has 2 main this that are kinda bad:leaving the PIN argument as the only option is in my opinion not pretty as many other commands that work with passwords at least offer the solution of when not specifying a password as parameter (as would most novice users do) to ask for the password is a hidden prompts (in other words no one can see the password while typing and it isnt logged), which is at least in my opinion a by far nicer option. keeping the PIN argument for things like deployment of many keys in a row with randomized credentials or whatever, but having a hidden PIN prompt (as apparently is even a thing in
solo key set-pinandsolo key change-pin) seems like a much more user friendly optionBeta Was this translation helpful? Give feedback.
All reactions