Script anti_password.py
By Sébastien Helleu on Friday, February 26 2021, 18:39 - scripts - Permalink
You've sent your password to the wrong window (ie: WeeChat), and it is now public, viewed by 1,500 people?
For now, you have to change your password.
For the future, a new script is now available: anti_password.py.
How does it work?
When you press Enter to send text to a buffer, the script detects if the input is a password, in two ways:
- If the input matches a condition: number of words, lower/upper/digit/special chars.
- If a secured data value is in the input (reminder: secured data is the recommended way to store all your passwords in WeeChat) (requires WeeChat ≥ 3.1).
If a password is detected, the text is not sent to the buffer (3 times with the default config).
Note: the WeeChat commands (ie /xxx
) are ignored and are always sent.
Options
There are 4 options to configure the script (see /fset anti_password
for a list of options with help):
allowed_regex
: allowed regular expression (checked first)password_condition
: the condition used to detect a passwordcheck_secured_data
: whether the script checks for secured data (disabled, input equals secured data or secured data included in input)max_rejects
: the number of times the same input is rejected; after this number, the input is finally sent to the buffer.
Keep your passwords safe!
Updated on 2021-03-13: added option allowed_regex
.