Indicate type of password used in the "Devices & Sessions" list #12210
Comments
|
What is the uses of doing this? Note that actually all the things there are tokens. Even if you login via the web we store a token in the session. The mobile client already always use an apppasswords as will the desktop client soon. |
|
I was thinking of this as a possibility to check whether the "app password"-feature of the web-interface has been used. |
|
GitMate.io thinks possibly related issues are #2526 (Minor design issues with browser sessions and device passwords), #2300 (App/device password missing, probably after some upgrade), #3395 (Session crashes when typing * in sharing-field), #3683 (Add Icons to Devices/Sessions on Personal Page), and #4915 (Password reset mail not using user's language). |
|
After reading what you wrote a second time, let me ask the question from the other side: Is the "app password" something you only need because of 2-factor-authentication or is this a security feature by itself? |
Steps to reproduce
Expected behaviour
The table should have a column indicating whether the device/session has been established using the general login or an app-specific password.
By this, I also recommend that the wording should be streamlined. App-specific passwords are often referred to als "tokens" (especially here on github). In nextcloud itself, the term "app password" is used, which makes it kind of hard to distinguish from the user password ("my password", "user password", "general password"?)
Actual behaviour
The user can't see which login credentials were used.
Server configuration
Nextcloud version: 14.0.3
The text was updated successfully, but these errors were encountered: