[Feedback] Privacy mode #513

New Issue

GiteaMirror · 2026-02-28T19:06:54-06:00

GiteaMirror commented

2026-02-28 19:06:54 -06:00

Originally created by @MatissJanis on GitHub (Jul 18, 2023).

Author: @joel-jeremy

Original PR: https://github.com/actualbudget/actual/pull/1272

This feature must be enabled as an experimental feature.

--

Please post your feedback and or bug reports as comments to this issue.

Originally created by @MatissJanis on GitHub (Jul 18, 2023). Author: @joel-jeremy Original PR: https://github.com/actualbudget/actual/pull/1272 This feature must be enabled as an experimental feature. -- Please post your feedback and or bug reports as comments to this issue.

GiteaMirror added the feedback label 2026-02-28 19:06:54 -06:00

GiteaMirror closed this issue

2026-02-28 19:06:54 -06:00

GiteaMirror commented

2026-02-28 19:06:54 -06:00

@MatissJanis commented on GitHub (Jul 22, 2023):

bug

privacy mode is not masking balances in the "reports" page

@MatissJanis commented on GitHub (Jul 22, 2023): **bug** privacy mode is not masking balances in the "reports" page

GiteaMirror commented

2026-02-28 19:06:55 -06:00

@shall0pass commented on GitHub (Aug 6, 2023):

Privacy mode isn't masking values in the schedules page. I'm not sure if this is intentional or not.

@shall0pass commented on GitHub (Aug 6, 2023): Privacy mode isn't masking values in the schedules page. I'm not sure if this is intentional or not.

GiteaMirror commented

2026-02-28 19:06:55 -06:00

@Crazypkr1099 commented on GitHub (Aug 8, 2023):

Privacy mode needs to completely mask out number, ATM it's extremely easy to see how much people have since the blurring effect is very light. Increasing the blurring effect and potentially changing the numbers to be gibberish would severely make this feature better.

@Crazypkr1099 commented on GitHub (Aug 8, 2023): Privacy mode needs to completely mask out number, ATM it's extremely easy to see how much people have since the blurring effect is very light. Increasing the blurring effect and potentially changing the numbers to be gibberish would severely make this feature better.

GiteaMirror commented

2026-02-28 19:06:55 -06:00

@shall0pass commented on GitHub (Aug 9, 2023):

I don't understand the comment about being able to read the values. If I were casually walking by and glanced at a screen, there is absolutely no way I could read this. I asked someone today to try to read it not knowing what was behind it. He got real close, squinted, removed his glasses, and probably tried crossing his eyes. He couldn't read it. Can you provide an example where it is easy? Maybe there's a rendering difference between our browsers?

@shall0pass commented on GitHub (Aug 9, 2023): I don't understand the comment about being able to read the values. If I were casually walking by and glanced at a screen, there is absolutely no way I could read this. I asked someone today to try to read it not knowing what was behind it. He got real close, squinted, removed his glasses, and probably tried crossing his eyes. He couldn't read it. Can you provide an example where it is easy? Maybe there's a rendering difference between our browsers? ![Screenshot_20230809-174004-838](https://github.com/actualbudget/actual/assets/20625555/8ec267a2-b763-41bd-b586-e57c3ef9eddd)

GiteaMirror commented

2026-02-28 19:06:56 -06:00

@joel-jeremy commented on GitHub (Aug 10, 2023):

Thats a good point. Maybe the blur is being rendered differently by the browser? Would a setting which adjusts the global blur intensity help with this?

@joel-jeremy commented on GitHub (Aug 10, 2023): Thats a good point. Maybe the blur is being rendered differently by the browser? Would a setting which adjusts the global blur intensity help with this?

GiteaMirror commented

2026-02-28 19:06:56 -06:00

@joel-jeremy commented on GitHub (Aug 10, 2023):

Privacy mode isn't masking values in the schedules page. I'm not sure if this is intentional or not.

I haven't worked on the schedules page yet. I'll address this in a future PR. Thanks!

@joel-jeremy commented on GitHub (Aug 10, 2023): > Privacy mode isn't masking values in the schedules page. I'm not sure if this is intentional or not. I haven't worked on the schedules page yet. I'll address this in a future PR. Thanks!

GiteaMirror commented

2026-02-28 19:06:57 -06:00

@joel-jeremy commented on GitHub (Aug 10, 2023):

Ideas/items for succeeding PRs for privacy mode:

Unblur the entire row when the row is hovered over (both in budget and transactions tables)
Fix the clipping on the right side of the blur on Spent and Balance budget table columns.
Add a toggle to unblur the budget table (leave account totals blurred). Maybe put an eye icon on the budget table header columns which shows up on hover?

@joel-jeremy commented on GitHub (Aug 10, 2023): Ideas/items for succeeding PRs for privacy mode: - Unblur the entire row when the row is hovered over (both in budget and transactions tables) - Fix the clipping on the right side of the blur on Spent and Balance budget table columns. - Add a toggle to unblur the budget table (leave account totals blurred). Maybe put an eye icon on the budget table header columns which shows up on hover?

GiteaMirror commented

2026-02-28 19:06:57 -06:00

@Amolith commented on GitHub (Sep 4, 2023):

I just saw this feature make it into the release and it's really cool! :)

I do believe a different method of redaction is worth considering though; blur has been shown to be pretty trivially reversible and so has pixelation, albeit to a lesser degree. A much more secure method would covering those fields with a pattern not derived from the underlying text. Another would be replacing them with a solid colour, like making the foreground and background colours of those fields the same or replacing the text with some box-drawing characters like ██████

@Amolith commented on GitHub (Sep 4, 2023): I just saw this feature make it into the release and it's really cool! :) I do believe a different method of redaction is worth considering though; blur has been shown to be pretty trivially reversible and so has pixelation, albeit to a lesser degree. A much more secure method would covering those fields with a pattern _not_ derived from the underlying text. Another would be replacing them with a solid colour, like making the foreground and background colours of those fields the same or replacing the text with some box-drawing characters like ██████

GiteaMirror commented

2026-02-28 19:06:57 -06:00

@Crazypkr1099 commented on GitHub (Sep 4, 2023):

Completely agree with amolith, blurring is decent for now but for more
privacy I would potentially like to see either a higher blur effect, or
some type of other protectant style.

Great work! Thanks for your continued contributions!

On Mon., Sep. 4, 2023, 9:33 a.m. Amolith, @.***> wrote:

@MatissJanis https://github.com/MatissJanis I just saw this feature
make it into the release and it's really cool! :)

I do believe a different method of redaction is worth considering though;
blur has been shown to be pretty trivially reversible and so has
pixelation, albeit to a lesser degree. A much more secure method would
covering those fields with a pattern not derived from the underlying
text. Another would be replacing them with a solid colour, like making the
foreground and background colours of those fields the same or replacing the
text with some box-drawing characters like ██████

—
Reply to this email directly, view it on GitHub
https://github.com/actualbudget/actual/issues/1360#issuecomment-1705283827,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/ACYH3B7XOFJALO2HLWL2PZDXYXKA7ANCNFSM6AAAAAA2O3TOKI
.
You are receiving this because you commented.Message ID:
@.***>

@Crazypkr1099 commented on GitHub (Sep 4, 2023): Completely agree with amolith, blurring is decent for now but for more privacy I would potentially like to see either a higher blur effect, or some type of other protectant style. Great work! Thanks for your continued contributions! On Mon., Sep. 4, 2023, 9:33 a.m. Amolith, ***@***.***> wrote: > @MatissJanis <https://github.com/MatissJanis> I just saw this feature > make it into the release and it's really cool! :) > > I do believe a different method of redaction is worth considering though; > blur has been shown to be pretty trivially reversible and so has > pixelation, albeit to a lesser degree. A much more secure method would > covering those fields with a pattern *not* derived from the underlying > text. Another would be replacing them with a solid colour, like making the > foreground and background colours of those fields the same or replacing the > text with some box-drawing characters like ██████ > > — > Reply to this email directly, view it on GitHub > <https://github.com/actualbudget/actual/issues/1360#issuecomment-1705283827>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/ACYH3B7XOFJALO2HLWL2PZDXYXKA7ANCNFSM6AAAAAA2O3TOKI> > . > You are receiving this because you commented.Message ID: > ***@***.***> >

GiteaMirror commented

2026-02-28 19:06:57 -06:00

@deftly1970 commented on GitHub (Sep 4, 2023):

I don't understand the comment about being able to read the values. If I were casually walking by and glanced at a screen, there is absolutely no way I could read this. I asked someone today to try to read it not knowing what was behind it. He got real close, squinted, removed his glasses, and probably tried crossing his eyes. He couldn't read it. Can you provide an example where it is easy? Maybe there's a rendering difference between our browsers?

While I agree that it isn't easy to read, I was able to pop into my budget yesterday and glance at a blurred amount that I intentionally had not seen recently and was able to read it to the point where I was only off by one digit. The amount was $1,929.39 and with little effort I guessed it to be $1,929.29. Perhaps different browsers provide different results. I am using Brave.

The other thing that I don't like is that it is trivial to see how many digits are being blurred. With a quick glance anyone can tell whether the masked amount is in the 3, 4, 5 or 6 digit range.

Love the idea though, just feel it could be taken a step further. Thanks!

@deftly1970 commented on GitHub (Sep 4, 2023): > I don't understand the comment about being able to read the values. If I were casually walking by and glanced at a screen, there is absolutely no way I could read this. I asked someone today to try to read it not knowing what was behind it. He got real close, squinted, removed his glasses, and probably tried crossing his eyes. He couldn't read it. Can you provide an example where it is easy? Maybe there's a rendering difference between our browsers? ![Screenshot_20230809-174004-838](https://user-images.githubusercontent.com/20625555/259567298-8ec267a2-b763-41bd-b586-e57c3ef9eddd.png) While I agree that it isn't easy to read, I was able to pop into my budget yesterday and glance at a blurred amount that I intentionally had not seen recently and was able to read it to the point where I was only off by one digit. The amount was $1,929.39 and with little effort I guessed it to be $1,929.29. Perhaps different browsers provide different results. I am using Brave. The other thing that I don't like is that it is trivial to see how many digits are being blurred. With a quick glance anyone can tell whether the masked amount is in the 3, 4, 5 or 6 digit range. Love the idea though, just feel it could be taken a step further. Thanks!

GiteaMirror commented

2026-02-28 19:06:58 -06:00

@Amolith commented on GitHub (Sep 4, 2023):

This is an excellent resource explaining why redacting information using patterns based on the underlying text (blur, pixelation, etc.) is unsafe.
https://bishopfox.com/blog/unredacter-tool-never-pixelation

@Amolith commented on GitHub (Sep 4, 2023): This is an excellent resource explaining why redacting information using patterns based on the underlying text (blur, pixelation, etc.) is unsafe. https://bishopfox.com/blog/unredacter-tool-never-pixelation

GiteaMirror commented

2026-02-28 19:06:58 -06:00

@MatissJanis commented on GitHub (Sep 4, 2023):

Feel free to submit a PR for this.

If you don't know how to code: feel free to open a feature request and lets see if the community likes the idea and if someone else is willing to pick it up.

@MatissJanis commented on GitHub (Sep 4, 2023): Feel free to submit a PR for this. If you don't know how to code: feel free to open a feature request and lets see if the community likes the idea and if someone else is willing to pick it up.

GiteaMirror commented

2026-02-28 19:06:59 -06:00

@jnimmo commented on GitHub (Dec 22, 2023):

Appreciate all work by Actual's contributors, personally this isn't a feature I see myself using so the extra button just makes the display a bit busier, might've been okay to stay as an experimental feature?

@jnimmo commented on GitHub (Dec 22, 2023): Appreciate all work by Actual's contributors, personally this isn't a feature I see myself using so the extra button just makes the display a bit busier, might've been okay to stay as an experimental feature?

GiteaMirror referenced this issue

2026-02-28 20:56:12 -06:00

[PR #2706] [Feature] CAMT.053 import (new version) #4464

Sign in to join this conversation.

Branches Tags

master

claude/fix-simplefin-ssrf-T31gX

claude/release-notes-validation-X7rvR

matiss/7155

claude/fix-simplefin-batch-sync-O8LcD

ai/custom-theme-dual-prefs

matiss/fix-6804

add-claude-github-actions-1772738270730

claude/analyze-internal-errors-4k6O2

react-query-rules

react-query-useSchedules

matiss/separate-lint-format

dependabot/npm_and_yarn/ajv-6.14.0

cursor/sync-performance-notification-9899

react-query-prefs

matiss/chunked-sync-and-progress-ux

v26.2.1

copilot/sub-pr-6880

fix-react-query-clear-on-close-budget

copilot/sub-pr-6140

feat/auto-note

feat/scoped-bank-sync

cursor/desktop-transactions-react-table-1d0c

fix-exhaustive-deps-App

copilot/fix-find-replace-bug

release/v26.2.0-pre

matiss/browser-tests

mobile-fix-drag-and-drop-across-groups

budget-table-v2

PayeeAutocomplete2

pglite

bugfix/plugins/fix-plugins-sw

feat/plugins/plugins-core-package

prerelease

matiss/unicode-minus-fix

cursor/fix-actual-github-issue-6206-gemini-3-pro-preview-9c37

TransactionFormPage

cursor/implement-mortgage-and-loan-account-type-78ca

tests-update-fill-with-pressSequentially

mobile/link-modal

deps/25.11

cursor/fix-update-vrt-apply-ci-job-dispatch-b324

sync-server-plugins

cursor/propose-patch-for-github-issue-5680-2a18

fix/compiler-preserve-inner-dollar-escapes

cursor/analyze-actual-budget-issue-and-propose-fix-5b70

coderabbitai/docstrings/0c070e5

cursor/add-wip-prefix-and-comment-to-prs-d78d

jfdoming/08-21-auto-focus-on-navigate-in-all-browsers

show-totals-on-mobile-budget-banners

allow-child-transactions-make-transfer

mobile-calculator-keyboard

payee-geolocation

enhance/restore_scroll_position

dm-fix-second-click-on-mobile-new-transaction-2

scrollToLocationBudget

alert-autofix-38

tsconfig-composite

mobile-fix-uncategorized-transactions-on-tracking-budgets

server-budget-handlers

fix-sql-injection-in-cleanup-template

non-chrome-draggable-workaround

mobile-budget-page-swipe-navigation

ts-db-all

stable

dark-theme-with-brand-colors

fix-mobile-delete-group

ts-db-select

UnderKoen/reconcile-context-menu

master-before-server-merge

v25.2.1

ts-runQuery

rename-redux-hooks

UnderKoen/3557-persist-state-in-history

remove-redux-CLOSE_BUDGET

fix-exhaustive-deps-errors-FinancesApp

redux-toolkit-createSlice-backup

accounts-function-component

ts-useSplitsExpanded

loot-core-server-package

useTransactios-in-TransactionEdit

react-aria-input

move-redux-to-desktop-client

QueryState-type

fix-themes-applied-late

mobile-vrts

revert-3295-spendingCardFix

react-aria-button-4

split-payee-on-mobile

twk3/pin-apis-crdt

notes-tag-autocomplete

ts-LoadBackup

dnd-kit

package-upgrades

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/actual#513