Q1. What is the problem that you are trying to solve?
Most people that wants their passphrase to be remembered need to specify that choice everytime the timer expires.
Q2 - Who is impacted?
Everyone
Q3 - Why is it important and/or urgent?
Productivity and ease of use.
Q4 - What is your proposed solution? (optional)
It would be nice if Passbolt remembers that I always want it to remember my master password for 5 minutes, and have the checkbox checked already if I already used the remember me before.
It would be very interesting for the user (or global admin) to decide what the default should be. The password manager already unlogs you pretty quickly (computer locking) and it’s a lot of actions required every time.
I’d want this, too. At least it could remember my last choice. I can see that some security enthusiasts see this as a reduction in the security level, but I am having a hard time making my employees use a password manager in the first place. Having to enter the unlocking password every 5 minutes is another barrier that I would like to remove.
I think it’s better to use passbolt over the browser pw manager, or the same password on every page, so for the most people it is a significant improvement, even with the checkbox activated.
By the way, if it were such a bad idea, als R0N stated, to have the box checked, you should remove it entirely. I think its not a bad idea to have it and checking it should be about user (or admin) choice, because everyone has a different usecase.
Imagine my usecase while working in homeoffice, completely alone in the house. The propability of anyone accessing my computer is fairly low.
This is a feature where it should only just remember the option if you checked it or not. It is quite annoying to time and time again need to check the box to “remember until I log out” while that is something I would want as default, especially if you get logged out pretty quickly.
I’m kind of surpised that it wasn’t included, and that its required to do this every time. This is almost a “must have” feature for everyone, or at least possible to turn on/off as an admin.
Must have: this is critical for me to have this
Should have: this is important for me to have this
Could have: this could be nice to have
Won’t have: we should not schedule this (explain why)