Q1. What is the problem that you are trying to solve?
Users normally are not aware of data security. They think, if they use a secure password-software, everything is encrypted. So they would enter risky data in not encrypted fields.
Q2 - Who is impacted?
Every user who did not read the manual or the source code carefully.
Q3 - Why is it important and/or urgent?
Secret data could be exposed when it is stored in de DB. For example a URI containing a secret.
Q4 - What is your proposed solution? (optional)
- As with the description it is already possible one can choose to encrypt other fields (except the name),
- or: put an Icon in front of ever field showing encryption-state,
- or: encrypt all field per default (except the name)
- and update the user manual, denoting which fields are encrypted and how to store sensitive data correctly.
Must have: this is critical for me to have this
Should have: this is important for me to have this
Could have: this could be nice to have
Won’t have: we should not schedule this (explain why)