diff --git a/ChangeLog b/ChangeLog index cf3a71f..3822fbb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,14 +1,17 @@ -**v0.9 :** +**v0.8.1 :** + Server + * Scroll to page bottom when user adds a new password + * Run a simpler algorithm for wildcard domains + Addon - * Run a simple algorithm for wildcard domains + * Add Privacy Policy information + * Run a simpler algorithm for wildcard domains CLI - * Run a simple algorithm for wildcard domains - **v0.8 :** Server diff --git a/PrivacyPolicy.md b/PrivacyPolicy.md new file mode 100644 index 0000000..88ea16b --- /dev/null +++ b/PrivacyPolicy.md @@ -0,0 +1,47 @@ +gPass web browser extension Privacy Policy +------------------------------------------ + + +## Information we collect ## + +The gPass extension collect three information once invoked : + * Site address URL + * Login name + * Master key + + +## How we use information we collect ## + +Once collected, site address and login name are crypted by a derived version of your master key. +It's then sent to the server you configured in extension configuration page for comparison. + +This server has been set up by the user himself (recommended) or by a provider he trust in. + +The database that the server access to do comparisons only contains the crypted +version of your information. They are never decrypted in the server side. + +If a comparison match, the real password is sent back to your extension were +it's unencrypted using the same key. + +Finally, the application context is cleared and nothing is retained in memory +nor written anywhere. + + +## Accessing and updating your personal information ## + +As a user, you can add, edit and delete your crypted information through +the web interface of the configuration defined server. + +During these operations, no clear information is sent to the server. + + +## Information we share ## + +Nothing is shared with anyone. Nor on extension side nor on server side. + + +## Information security ## + +Information transmitted to the server are done through an HTTPS AJAX request. +Data are crypted using AES 256 CBC algorithm and the master key is prior +derived using PKBDF2 algorithm. diff --git a/chrome_addon/lib/main.js b/chrome_addon/lib/main.js index 7376114..a56d9cc 100644 --- a/chrome_addon/lib/main.js +++ b/chrome_addon/lib/main.js @@ -458,4 +458,8 @@ async function self_test() console.log("Self test OK !"); } +console.log("Welcome to gPass web extension v0.8.1 !"); +console.log("Privacy Policy can be found at http://indefero.soutade.fr/p/gpass/source/tree/master/PrivacyPolicy.md"); +console.log(""); + //self_test(); diff --git a/chrome_addon/manifest.json b/chrome_addon/manifest.json index 45f76bc..423c03c 100644 --- a/chrome_addon/manifest.json +++ b/chrome_addon/manifest.json @@ -3,7 +3,7 @@ "name": "gPass", "short_name": "gPass", - "version": "0.8", + "version": "0.8.1", "description": "gPass : global password manager", "icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"}, "author" : "Grégory Soutadé", diff --git a/firefox_webextension/manifest.json b/firefox_webextension/manifest.json index 95c7324..5d9401d 100644 --- a/firefox_webextension/manifest.json +++ b/firefox_webextension/manifest.json @@ -3,7 +3,7 @@ "name": "gPass", "short_name": "gPass", - "version": "0.8", + "version": "0.8.1", "description": "gPass : global password manager", "icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"}, "author" : "Grégory Soutadé", diff --git a/server/resources/gpass.js b/server/resources/gpass.js index 0ebac4c..6d98d2c 100755 --- a/server/resources/gpass.js +++ b/server/resources/gpass.js @@ -761,6 +761,8 @@ function add_password() startClearTimer(); }); + window.scrollTo(0,document.body.scrollHeight); + return true; }