[IMPROVED] A master password key is now better abstracted in an object.
[IMPROVED] A master password algorithm is now better astracted in an
object.
[ADDED] Elements now have a specific algorithm version.
[ADDED] Automatic/explicit migration of elements.
[ADDED] Searching outdated elements.
[ADDED] Allow saving a user name per site. This is an optional
addition, toggled by tapping the new settings icon.
Obviously user names can't be recovered after loss.
[ADDED] Versioning and explicit migration to MPElementEntity.
[ADDED] Upgrade button in case the element needs explicit migration.
[ADDED] Messages in Crashlytics and TestFlight logs upon
initialization so we can easily see it worked and what the
client's versioning looks like.
[IMPROVED] Only show firstRun UI tooltips once.
[IMPROVED] Automatically select the latest user upon load of unlock.
[IMPROVED] Automatically select the user when his password is reset.
[IMPROVED] Hide active element when logging a user out.
[ADDED] "version" to MPElementEntity.
[ADDED] Tool tip, a tip that points at the content tool.
[ADDED] Upgrade tool, a tool used for upgrading outdated elements.
[ADDED] Page controller in guide to see where in the guide you are.
[ADDED] FontReplacer to be able to "use" Exo from IB (by
substituting "Futura").
[FIXED] A crash when loading the main VC because of the reset
password gesture recogniser.
[IMPROVED] Font in tables to standard system fonts.
[IMPROVED] Guide content positioning and sizing making space for pager.
[IMPROVED] Use action sheets instead of alerts when showing destructive
action choices.
[IMPROVED] Make tappable regions at least 44x44pt.
[IMPROVED] Title/message for alert/sheets.
[FIXED] Importing of mpsites with passwords showing for
stored password types.
[FIXED] Don't try to show mail composition dialog when the user has
no mail account configured. This will crash. Instead,
show a friendly popup explaining things.
[IMPROVED] Message of password export emails.
[FIXED] Hierarchy of MPUnlockVC so password field becomes touchable.
[ADDED] Ability to reset a master password from the unlock screen.
[FIXED] Manually retain objects that live next to a VC in a
storyboard within the VC to avoid an OS bug.
[FIXED] Visibility of the deleteTip.
[ADDED] An index to the FAQ.
[IMPROVED] Improved and expanded the FAQ a bit more.
[REMOVED] Apptentive is now implemented by a standard iOS mail
composer window and can optionally include logs.
[IMPROVED] Better inf-level logging of what's going on.
[AUDITED] Made sure no personal is going out through inf+ levels.
[UPDATED] Guide updated with UI changes.
[FIXED] Don't animate pushing the unlock VC when appearance of main
VC is not animated (eg. application startup).
[FIXED] rememberKey -> rememberLogin in settings bundle.
[REMOVED] saveKey from settings bundle.
[UPDATED] Removed lock from the Default image; show a dummy avatar
instead.
[FIXED] Don't forget key when signing out.
[ADDED] User preference for default password type.
[RENAMED] Secure type to Maximum Security.
[FIXED] Logging bug in password generation.
[ADDED] Confirmation popup after new user creation.
[UPDATED] Crashlytics.
[IMPROVED] Sending logs and configuration to crashlytics, added
sendDebugInfo option that allows the user to choose to send
more info. Now also sending a device identifier.
[ADDED] Avatar selection dialog when a new user is created.
[UPDATED] Algorithm updated to reflect advice from randombit.net
cryptography list:
- Add in a salt (user name) to defeat rainbow tables.
- Add in a fixed string to scope the algorithm and avoid
colliding with someone else's similar or identical
algorithm (also helps protect against precalculated
rainbow tables).
- Use HMAC instead of plain SHA to avoid SHA weaknesses.
The old implementation wasn't vulnerable to extension
attacks or other known weaknesses, but HMAC is a safer
choice and will bring up less suspicion.
- Prefix strings by length as an extra precautionary
measure against possible bugs in hash functions.
[ADDED] A new password type: Secure password. 20 characters, not
word-based, very high entropy.
[FIXED] UI bugs and improvements with the avatar display and
password checking state display.
[FIXED] Unlock screen.
[FIXED] Internal fixes.
[ADDED] Avatar selection in preferences.
[ADDED] Implementation of the other preferences.
[IMPROVED] UI of unlock and preferences screens.
[REMOVED] Stop using apptentive for rating questions. Pearl's
built-in functionality seems nicer and more basic.
[ADDED] Some more tool-tips to help the user, to be shown on first
run only.
[FIXED] The site name tip wasn't showing anymore.
[FIXED] Some language and formatting in help.html.
[IMPROVED] Make persistence more lazy to avoid UI blocks.
[IMPROVED] Use "Master Password" as CFBundleDisplayName at runtime. No
home-screen length restrictions there.
[FIXED] Inform Apptentive of significant events.
[FIXED] Immediately open the application on the password entry view
if the key is forgotten instead of revealing the internals
in a blink.
[FIXED] Clean up the UI better when switching between master
passwords.
[ADDED] Ask spelling confirmation when a master password is used
that doesn't have any known sites yet.
[ADDED] iPad HD quality icon.
[IMPROVED] Artworks re-generated, downscale improved, convertImages
improved.
[IMPROVED] Small guide text improvements.
[UPDATED] Help texts updated for current operation and UI.
[IMPROVED] MP-15: Audit and improve log messages.
[ADDED] If an element's counter is 0, generate a time-based OTP
instead. The OTP changes every 5 minutes.
[UPDATED] Change TestFlight preprocessor toggles to
TESTFLIGHT_SDK_VERSION.
[IMPROVED] Change logic behind shared MPAppDelegate to inheritance,
allowing for the common files to implement methods that the
platform-specific class can override.
[IMPROVED] Handling and checking of config changes.
[ADDED] iCloud config toggle, allowing a user to turn on and off
the iCloud store.
[IMPROVED] Explanation of iCloud.
[UPDATED] Check TARGET_OS_IPHONE instead of
__IPHONE_OS_VERSION_MIN_REQUIRED.
[UPDATED] A few TestFlight checkpoints names have been updated.
[ADDED] A few new TestFlight checkpoints for new features.
[ADDED] Warn the user when he's not using iCloud and allow him to
switch back to iCloud.
[FIXED] Migration problems should be fixed non-interactively: The
main thread may well be unavailable which means we may not
be able to actually get a message through to the user. This
would dead-lock the migration problem recovery.
[ADDED] Importing mpsites exports.
[RENAMED] keyHashHex -> keyID.
[RENAMED] Calculated -> Generated.
[FIXED] iOS: Dismiss mail VC when done with it.
[FIXED] iOS: Properly hide content tip icons when a content tip is
shown while one with an icon is still active.
[FIXED] iOS: Settings bundle was using old keys.
[ADDED] OS X: Lots of warning checks when compiling.
[ADDED] OS X: Ability to enable and disable iCloud.
[ADDED] OS X: Support for rememberKey & saveKey.
[UPDATED] storeKey -> saveKey: makes more sense to people.
[IMPROVED] OS X: Password display window fancier.
[UPDATED] Moved shared MPAppDelegate code into separate files
depending on the code's responsibility.
[UPDATED] iCloud implementation removed in favor of
iCloudStoreManager's managed implementation.
[FIXED] iCloud configuration made AppStore friendly.
[UPDATED] Pearl to ARC.
[FIXED] Crash related to persistence changes that caused UI updates
while other UI changes were ongoing.
[IMPROVED] Real description of MPElementEntities and use content
whenever the password is requested.
[IMPROVED] iOS: Handling of search result fetching and table reloading.
[ADDED] OS X: A status item to activate the MP window.
[ADDED] OS X: A global hotkey (cmd-ctrl-p) to activate the MP
window.
[ADDED] OS X: Make the MP window dismissable by hitting Esc.
[ADDED] OS X: Copy the site content by hitting Enter.
[FIXED] OS X: Make the password field first responder.
[FIXED] OS X: Don't pop the password window multiple times if the
application gets activated while the key isn't set yet.
[IMPROVED] OS X: Remove the MP icon from the dock.
[REMOVED] OS X: Disabled ability to add new sites from OS X until I
have time to implement it properly without causing
duplicates etc.
[MOVED] iCloud and Core Data support was centralised to iOS and OS X
to make sure both platforms always use the same container
configuration.
[FIXED] iCloud sync problems.
[REMOVED] iCloud KV is not used/needed.
[ADDED] Crashlytics, Localytics.
[IMPROVED] Async TestFlight takeOff.
[REMOVED] TestFlight token hidden.
[FIXED] Warnings, mostly to do with sign conversions.
[ADDED] Warning messages whenever site's password changes, allowing
the user to cancel the operation.
[ADDED] Make password counter resettable by holding down on the
counter increment button.
[FIXED] Schedule all UI-changing methods on the main thread. Fixes
some UI bugs.
[FIXED] Attempt to calculate password for deleted element.
[FIXED] MP-6: Close open alert when switching sites.
[FIXED] MP-7: Remind user to change site's password when creating a
new site.
[ADDED] OS X: Master password input and changing.
[ADDED] OS X: Autocompletion by searching Core Data for previously
used sites.
[ADDED] OS X: Working password generation for sites.
[FIXED] Bad ciphering on little endian machines: Convert bytes to
network endian before using them as numbers.
[FIXED] Opening of Core Data store when iCloud is unavailable.
[MOVED] Key logic now in a common class extension on MPAppDelegate
so it can be shared between iOS and OS X apps.
[MOVED] MPConfig for sharing between iOS and OS X apps.
[CHANGED] keyphrase -> key.
[FIXED] Switching between guide and unlock screen.
[ADDED] Sign out button in action so you can sign in with a
different master password.
[REMOVED] Change password from MPConfig. There are better facilities
for this now.
[FIXED] Image names in the lockscreen.
[UPDATED] TestFlight SDK updated to 0.8.3
[ADDED] Log >=info messages to TestFlight
[ADDED] Hide status bar while locked.
[ADDED] Show all sites when search results icon is tapped.
[IMPROVED] Search table cells.
[ADDED] Fancy master password input screen.
[FIXED] Key size of stored passwords.
[FIXED] Several UI fixes.
[FIXED] The counter wasn't correctly added to the cipherKey.
[IMPROVED] Site style improvements.
[UPDATED] Site algorithm explanation update.
[FIXED] Lock keychain items while device is locked.
[ADDED] Implemented Device-Private passwords by storing them in the
keychain.
[ADDED] Implemented encryption for stored passwords.
