Some feedback on the passwords-app

ℹ️ Support
, ,
1

First off, love the passwords app! Kudos to @mdw and everyone else behind getting it to where it is today. :smiling_face_with_three_hearts:

Previously I used the keepass app, and decided to switch to nextcloud passwords for reasons:

  • concerns about future compatibility of an unmaintained app
  • I like features like sharing
  • tight integration with nextcloud UI

Migration was just about seamless! I just had to export my keepass databases to a spreadsheet, do some minimal tidying (which was easier to do in the spreadsheet anyway), then import. I did this for everyone in my family and it was very smooth.

Installing iOS app also was easy, and the interface is especially nice. With continuity between my phone and mac, that almost becomes the easiest way to grab usernames and passwords when I need to log into a website. :rocket:

The only real problem I have with nextcloud passwords is that the passwords app can be opened without authenticating, if you are already logged into nextcloud. I felt safer with keepass which requested a password within nextcloud, and also timed out after a couple minutes so you have to log in again. Otherwise I have no reason to stay logged out of the nextcloud web app and like to have ready access to files and pictures. I use my Discourse site to authenticate, which I also stay logged into so even if I log out of Nextcloud it’s possible to log back in again without a password, and access all my passwords. :grimacing:

I also am missing the ability to preconfigure password settings for all users, and override their existing settings. After some experimenting I am finding there is a way to set it up that I prefer which is different from the defaults. I also think it would be a nice touch to provide seeded password folders as you see with other password apps these days.

Some other things I noticed:

  1. create new password link is hidden behind ... which is awkward and hard to find. It’s the only link there so why not just have a button to create a new password?
  2. my 86 year old father is confused by “Password was copied to clipboard” messaging. Every time he asks “what is a clipboard?” I realised that nobody ever uses that terminology in interfaces anymore and this could be shortened to “Password copied”
  3. when you create a password in a different folder than the one you are looking at and save it, it disappears!
  4. it’s not possible to select multiple from list and perform bulk actions, eg to delete old passwords or to move a bunch of passwords to a new folder
  5. would prefer bigger notes editing UI, without markdown
  6. search is very slow, and also offers “search everywhere” which is confusing because passwords is part of nextcloud. “Everywhere” just means all password folders so I’d be explicit about that.
  7. when editing a password:
    • fields are displayed in a weird order, password first. would make sense to follow a different ordering: name, user, password, website, tags
    • the generate password link is too close to the view password link so it is easy to click accidentally. a confirmation popup and revert button would be really helpful, when replacing a password
    • when you do make a change, it is too easy to exit without saving changes first by clicking X or away from the edit window. A "you have unsaved changes: confirmation would be helpful.
    • would be helpful to be able to send to trash/delete from here as well
1 Like
2

The passwords app supports end to end encryption which will always require entering the encryption passphrase before being able to see the passwords: Enable End to End Encryption · Wiki · nextcloud / passwords · GitLab

Can you elaborate? The UI seems quite big to me so i don’t understand this.

Can you elaborate? What did you expect to happen? I checked and the password is moved from the folder it is in to the new folder.

Sounds like a good idea to me.

Here’s the reason for the order: Password is the only required field. Username is the most likely second field people actually care about. Name is optional and website too.

3

Thanks for taking the time to read my feedback! :hugs:

Awesome! I honestly did not understand what that does from the UI. “Require a password to access passwords” might be a bit easier to understand.

I think this should be enabled by default.

Counter intuitive, I know, but I also think it should be allowed to use a less secure password here, or to allow less secure passwords here via an admin setting. It is cumbersome to have to use a long, complex password that might be hard to remember to access your password manager!

Here’s a screenshot:

Screenshot 2025-02-10 at 07.37.44
Screenshot 2025-02-10 at 07.37.44909×728 48.6 KB

I expect to move to the same folder, so the new password I just added is visible immediately after saving it. As it is, when you save the password you are taken back to the folder you were in previously which means you don’t see the password you just created. To me this is a jarring user experience.

Hope that makes sense.

I can see that. I think I am personally finding it confusing because I have never seen them organized that way in a password manager. It’s even different from the order they are listed in the details.

4

Another bit of feedback is that it can be easy to lose your orientation in nextcloud, when in the passwords app. The UI mimics the files app and there is nothing to signal that you are in the passwords app. Other apps like memories-app seem to handle this a bit better.

For instance, on the passwords login screen, what password am I expected to put in?

Screenshot 2025-02-10 at 10.42.03
Screenshot 2025-02-10 at 10.42.031107×662 209 KB

In the settings, there is no heading so you don’t know you are just in the passwords settings. Actions like “Delete everything” are scary because it looks like you are wiping your entire nextcloud account when actually you’re just wiping your passwords.

Screenshot 2025-02-10 at 12.11.21
Screenshot 2025-02-10 at 12.11.21589×232 15.1 KB