Keepass does not get locked if Generate Password prompt is kept open

[ssaumitra]

Overview

After generating new password to certain website, if someone forgets to click Apply Password, KeepassXC does not get locked. If someone else accesses my computer after that, Keepass database stays open giving the second person access to all my passwords without needing to unlock the database.

Steps to Reproduce

1. Open an existing database in KeepassXC.
2. Enter edit mode (Start editing an existing entry / create new entry).
3. Click on generate password button and open Generate Password dialog.
4. Copy the generated password but do NOT click on Apply Password.
5. Put your computer to sleep or lock screen. Log back in.
6. Notice that Keepass database is unlocked and all stored passwords are accessible without needing to enter the master password.

Expected Behavior

If user forgets to click on Apply Password button, edits/new password should be saved in a draft entry. Keepass should get locked when the computer is put on sleep. After Keepass is unlocked, user should be allowed to save draft edits.

Actual Behavior

Keepass stays unlocked. All passwords can get compromised if non-trustworthy person gets access to the computer (e.g. public workstation)

Context

KeePassXC - Version 2.6.4
Revision: 34a78f0

Qt 5.15.2
Debugging mode is disabled.

Operating system: macOS 11.3
CPU architecture: x86_64
Kernel: darwin 20.4.0

Enabled extensions:

• Auto-Type
• Browser Integration
• SSH Agent
• KeeShare (signed and unsigned sharing)
• YubiKey
• TouchID

Cryptographic libraries:

• libgcrypt 1.9.1

Operating System: macOS
Version: 11.3.1

[michaelk83]

Sounds like a duplicate of #721.
It does deserve some attention though. It's been marked high priority, but has been put off since version 2.2.

[droidmonkey]

Not put off, we have been fixing this per-dialog as we find problems. That issue mainly centers around what to do with a modified database on lock.