You've sent your password to the wrong window (ie: WeeChat), and it is now public, viewed by 1,500 people?
For now, you have to change your password.
For the future, a new script is now available: anti_password.py.
How does it work?
When you press Enter to send text to a buffer, the script detects if the input is a password, in two ways:
- If the input matches a condition: number of words, lower/upper/digit/special chars.
- If a secured data value is in the input (reminder: secured data is the recommended way to store all your passwords in WeeChat) (requires WeeChat ≥ 3.1).
If a password is detected, the text is not sent to the buffer (3 times with the default config).
Note: the WeeChat commands (ie
/xxx) are ignored and are always sent.
There are 4 options to configure the script (see
/fset anti_password for a list of options with help):
allowed_regex: allowed regular expression (checked first)
password_condition: the condition used to detect a password
check_secured_data: whether the script checks for secured data (disabled, input equals secured data or secured data included in input)
max_rejects: the number of times the same input is rejected; after this number, the input is finally sent to the buffer.
Keep your passwords safe!
Updated on 2021-03-13: added option