New Idea: Encrypted Nodes
24 views
Skip to first unread message
Phaze
May 22, 2017, 11:13:13 PM5/22/17
to leo-editor
The absence of this feature is the only thing that is preventing me from using leo as a password store
It would be very cool if we could encrypt both the text and the structure of nodes marked @encrypt and present a dialog box requesting the key/password to decrypt and use the outline tree. The section in the actual .leo file would need to be stored as encrypted text however as simply having a password tacked on the node could be circumvented by looking at the raw xml.
Although it may not be state of the art, and is in many cases crackable with patience, a Vigenère would be easy enough to implement. It would also deter a casual snoop.
If the option was also given to enforce the use of the leo users id as part of the key/password it would also provide an additional level of authentication/security.
Just an idea
Paran
It would be very cool if we could encrypt both the text and the structure of nodes marked @encrypt and present a dialog box requesting the key/password to decrypt and use the outline tree. The section in the actual .leo file would need to be stored as encrypted text however as simply having a password tacked on the node could be circumvented by looking at the raw xml.
Although it may not be state of the art, and is in many cases crackable with patience, a Vigenère would be easy enough to implement. It would also deter a casual snoop.
If the option was also given to enforce the use of the leo users id as part of the key/password it would also provide an additional level of authentication/security.
Just an idea
Paran
Chris George
May 22, 2017, 11:45:37 PM5/22/17
to leo-e...@googlegroups.com
Check out the stickynote plugin. It has some support for encryption.
I am not sure of its status at the moment though. It has been some time since I looked at it.--
You received this message because you are subscribed to the Google Groups "leo-editor" group.
To unsubscribe from this group and stop receiving emails from it, send an email to leo-editor+unsubscribe@googlegroups.com.
To post to this group, send email to leo-e...@googlegroups.com.
Visit this group at https://groups.google.com/group/leo-editor.
For more options, visit https://groups.google.com/d/optout.
Terry Brown
May 22, 2017, 11:53:58 PM5/22/17
to leo-e...@googlegroups.com
On Mon, 22 May 2017 20:13:13 -0700 (PDT)
Phaze <paranh...@gmail.com> wrote:
> The absence of this feature is the only thing that is preventing me
> from using leo as a password store
This feature exists in the stickynotes plugin. It only works if the
Phaze <paranh...@gmail.com> wrote:
> The absence of this feature is the only thing that is preventing me
> from using leo as a password store
PyCrypto library is installed (python-crypto).
It's per node, not per tree, but you only need to enter the key once
per session. I.e. it will use the same pass phrase for all nodes in an
outline, unless you force re-entry. I can fit all my passwords in one
node (the stickynote widget has a find function specifically to make
this usable).
I don't think there's any way to easily break the encryption if you use
a decent pass phrase, nothing too short. So forget the phrase, lose
the data.
By only putting the clear text in the stickynote widget, not the
regular body widget, it tries to minimize the chances of the text being
written to disk, but no guarantees, swap files, etc. etc.
Cheers -Terry
Terry Brown
May 23, 2017, 8:31:58 AM5/23/17
to leo-e...@googlegroups.com
On Mon, 22 May 2017 20:45:35 -0700
Chris George <techn...@gmail.com> wrote:
> Check out the stickynote plugin. It has some support for encryption.
>
> I am not sure of its status at the moment though. It has been some
> time since I looked at it.
It's working ok - being what I use for my passwords, I recently fixed
Chris George <techn...@gmail.com> wrote:
> Check out the stickynote plugin. It has some support for encryption.
>
> I am not sure of its status at the moment though. It has been some
> time since I looked at it.
it to work with Python 2 and 3 (seeing the encrypted text is stored
base64, there were some encoding / bytes issues).
Cheers -Terry
> Chris
>
> On Mon, May 22, 2017 at 8:13 PM, Phaze <paranh...@gmail.com> wrote:
>
> > The absence of this feature is the only thing that is preventing me
> > from using leo as a password store
> >
> > It would be very cool if we could encrypt both the text and the
> > structure of nodes marked @encrypt and present a dialog box
> > requesting the key/password to decrypt and use the outline tree.
> > The section in the actual .leo file would need to be stored as
> > encrypted text however as simply having a password tacked on the
> > node could be circumvented by looking at the raw xml.
> >
> > Although it may not be state of the art, and is in many cases
> > crackable with patience, a Vigenère would be easy enough to
> > implement. It would also deter a casual snoop.
> >
> > If the option was also given to enforce the use of the leo users id
> > as part of the key/password it would also provide an additional
> > level of authentication/security.
> >
> > Just an idea
> > Paran
> >
> >
> > --
> > You received this message because you are subscribed to the Google
> > Groups "leo-editor" group.
> > To unsubscribe from this group and stop receiving emails from it,
Reply all
Reply to author
Forward
0 new messages