[FIXED] Importing of mpsites with passwords showing for
stored password types.
[FIXED] Don't try to show mail composition dialog when the user has
no mail account configured. This will crash. Instead,
show a friendly popup explaining things.
[IMPROVED] Message of password export emails.
[FIXED] Hierarchy of MPUnlockVC so password field becomes touchable.
[ADDED] Ability to reset a master password from the unlock screen.
[FIXED] Manually retain objects that live next to a VC in a
storyboard within the VC to avoid an OS bug.
[FIXED] Visibility of the deleteTip.
[ADDED] An index to the FAQ.
[IMPROVED] Improved and expanded the FAQ a bit more.
[REMOVED] Apptentive is now implemented by a standard iOS mail
composer window and can optionally include logs.
[IMPROVED] Better inf-level logging of what's going on.
[AUDITED] Made sure no personal is going out through inf+ levels.
[UPDATED] Guide updated with UI changes.
[FIXED] Don't animate pushing the unlock VC when appearance of main
VC is not animated (eg. application startup).
[FIXED] rememberKey -> rememberLogin in settings bundle.
[REMOVED] saveKey from settings bundle.
[UPDATED] Removed lock from the Default image; show a dummy avatar
instead.
[FIXED] Don't forget key when signing out.
[ADDED] User preference for default password type.
[RENAMED] Secure type to Maximum Security.
[FIXED] Logging bug in password generation.
[ADDED] Confirmation popup after new user creation.
[UPDATED] Crashlytics.
[IMPROVED] Sending logs and configuration to crashlytics, added
sendDebugInfo option that allows the user to choose to send
more info. Now also sending a device identifier.
[ADDED] Avatar selection dialog when a new user is created.
[UPDATED] Algorithm updated to reflect advice from randombit.net
cryptography list:
- Add in a salt (user name) to defeat rainbow tables.
- Add in a fixed string to scope the algorithm and avoid
colliding with someone else's similar or identical
algorithm (also helps protect against precalculated
rainbow tables).
- Use HMAC instead of plain SHA to avoid SHA weaknesses.
The old implementation wasn't vulnerable to extension
attacks or other known weaknesses, but HMAC is a safer
choice and will bring up less suspicion.
- Prefix strings by length as an extra precautionary
measure against possible bugs in hash functions.
[ADDED] A new password type: Secure password. 20 characters, not
word-based, very high entropy.
[FIXED] UI bugs and improvements with the avatar display and
password checking state display.
[FIXED] Unlock screen.
[FIXED] Internal fixes.
[ADDED] Avatar selection in preferences.
[ADDED] Implementation of the other preferences.
[IMPROVED] UI of unlock and preferences screens.
[REMOVED] Stop using apptentive for rating questions. Pearl's
built-in functionality seems nicer and more basic.
[ADDED] Some more tool-tips to help the user, to be shown on first
run only.
[FIXED] The site name tip wasn't showing anymore.
[FIXED] Some language and formatting in help.html.
[IMPROVED] Make persistence more lazy to avoid UI blocks.
[IMPROVED] Use "Master Password" as CFBundleDisplayName at runtime. No
home-screen length restrictions there.
[FIXED] Inform Apptentive of significant events.
[FIXED] Immediately open the application on the password entry view
if the key is forgotten instead of revealing the internals
in a blink.
[FIXED] Clean up the UI better when switching between master
passwords.
[ADDED] Ask spelling confirmation when a master password is used
that doesn't have any known sites yet.
[ADDED] iPad HD quality icon.
[IMPROVED] Artworks re-generated, downscale improved, convertImages
improved.
[IMPROVED] Small guide text improvements.
[UPDATED] Help texts updated for current operation and UI.