It would be great to have an option in the Insert Text Action to designate the text as a password in order to hide the value in the KM Action. So when using KM to enter passwords they are hidden in the Macro Editor.
There already is a way to do that. All you have to do is minimize the action to a single line and then rename the action. For example, this action will insert my password, and you can't read the password!...
This hides the password! When you expand the action it looks like this:
Any other mechanism that the Architect may add to the Insert Text action (like a flag on the cogwheel) would be pretty much equally easy to hide and redisplay the password.
You should also consider using password variables. Consult the KM wiki for more info. manual:Variables [Keyboard Maestro Wiki]
In either of those cases, if someone has access to the KM editor, they could see the password.
It would be great that if text could display like “••••••••” inside the Insert Text Action if designated as a password.
I guess there are two ways to do this-
1-Have a KM password to reveal it.
2-Once text is designated as a password, the text cannot ever be revealed. It will always display as “••••••••”. But it could be re-entered in the Action at any time.
The second option is less of a coding issue and less intrusive on feature bloat, but would certainly work in practice. There would be no need to reveal it if you can always just re-enter it.
That's un-possible. The password has to be stored un the clear in the macro storage file, which anyone can open to read the password. There are probably macros on this website which can view the contents of that file. But if all you want is a simple way to camouflage the password, you can use my method described above.
The question you have to answer is who are you trying to hide the password from? I don't think you want to hide it from the KM programmer. So how do you expect the KM Editor to distinguish between "the programmer" and "someone who is not authorized to access KM"? In my opinion, that's already solved by having the user authorize himself by logging into an account on the Mac. There's no need to implement a second level of user authentication in the KM Editor application when macOS already provides this feature.
I am quite sure that KM allows you to make its installation (including macros) accessible to only one user on the Mac. That should be how you implement a solution to this problem.
No, not if you use my advice and give each user their own copy of KM.
1 Like
Have you looked at the 2 keychain-related actions? You can use the keychain to store and retrieve your password securely. action:Set Variable to Keychain Password [Keyboard Maestro Wiki] and action:Set Keychain Password to Text [Keyboard Maestro Wiki]
4 Likes
@Airy That all makes sense. Thank you.
@tiffle Ah. Will do. Thank you.
Also keep in mind that if someone is using the KM Editor on your Mac, without your permission, that implies an entire additional level of issues that must be addressed, all of which are much worse than "my password is visible."
-rob.
3 Likes
Thanks for the compliment. I was worried that your next response might have been angry with me.
1 Like