godotengine
User can view values in fields with password type
User can view values in fields with password type. I think this fields should have restrict to show values in this type of fields.
https://user-images.githubusercontent.com/22891743/210402769-b617bfbf-667b-4f3e-b788-437eb8d48bbb.mp4
Godot version: 4.0.beta10
I am not sure if Godot has a UI node that fullfils this use-case. However, we can change the UX for inputting passwords in such a way that copying it becomes impossible from the UI.
Something along the lines of a dialog box that opens up when you click the Password field, and asks you to enter your password, while not displaying the password string in the UI, and then you press OK to set the password in Godot. The user would not see a way to copy the password out of the UI this way.
However, I should mention that the password will always be something that the user can see directly if they have access to the Godot process' memory. They can do a memory dump of the RAM and look for strings at particular places in the memory.
The best way to handle this is to use the OS keychain to register these password strings, but that needs extra research on how it could be implemented in Godot.
What would be the best way to limit this for the user?
Yes, I think using the OS keychain would be a good solution. I also want to offer an additional way implemented in the Intellij IDEA family (Webstorm, Pycharm, etc.). If it finds git-credential-manager, it will show an additional option to use that credential manager.
I understand that this will be a long way. Now I think that removing ability to view the value in the password fields will cover this case, because it does not require additional special knowledge, such as a memory dump of the godot process and can be easy used.
likewise @misha98857 suggested I suggest to enable the option to get the current -and to save - username/password from global git setup I use Debian 11. Thanks :)
