Good news, I had a cancelled appointment today and I was able to implement a corresponding log event.
It works as such:
- The password itself is now only accessible from within the password entry (it cannot be accessed/copied from other views). The password data itself is also only fetched when opening a specific password entry.
- Whenever a user opens a password entry, an audit log record will be generated, referencing the accessing user and password entry.
Luckily, all necessary features were already implemented in the app, so I was able to extend them quickly.
You can test it out with version 48, which you can now update from the repository.
Audit logs for other mentioned events (entries updated, permissions changed, etc.) were already in the system. With more time, we could make these configurable - though I would also not see it as very important. But it is possible if needed.
I am looking forward to your feedback.