As of 26.03.2015 the latest version for Johnny is 1.1. The current document aims to roadmap the feature development and improvement from this version onwards. The actual tasks are split into milestone sprints. The release scheme and versioning may differ.

Goals for Johnny:

• Maintain default operating system UI looks, unless otherwise needed for specific UI elements that are known to look ugly on certain or all Window Systems(e.g. QToolBox, QTabWidget);
• Simplicity over complexity. We need to keep UI controls and functionality simple. Anything complex or not so obvious should be explained via mechanisms such as QTooltip.
• The UI needs to give people reasons to use it, otherwise they'll just skip it. A couple of reasons could be:
  • Johnny automates 80% of the most common or repetitive tasks of JtR;
  • The rest 20% percent is careful implemented and explained in an intuitive UI;
  • Support for translation(I18N) and thus other languages besides English(JtR CLI is English only);
• Johnny should be viewed as a learning avenue into password security. It displays info in a more intuitive fashion(unlike the CLI option), makes using the powerful JtR a breeze.
• Nonetheless, the tool shouldn't be dumbed down to cater only to beginners, we need to expose as much functionality as we can carefully so that it is useful for professionals too.
• Follow the coding style outlined at http://doc.qt.digia.com/qtcreator-extending/coding-style.html and the simplified ones at http://wiki.qt.io/Qt_Coding_Style and http://wiki.qt.io/Coding_Conventions.

1. Upgrade to Qt 5 (keep Qt 4 compat. for now) [Shinnok]
2. Add and use elided text QLabel where needed ( and possibly QPushButton ) [Shinnok]
3. Fix any outstanding bugs or crashes [Shinnok]
   • Johnny consumes cpu even when it isn't doing anything. (10-15% of one core, OS X, app just launched and thus no operation was started)
   • Crash on exit while john is running (seems to have been fixed in 1.1?)
   • Pause not working (seems to have been fixed in 1.1?)
   • Johnny asks for confirmation to kill JtR twice if a session is running on quit

1. UI overhaul [Shinnok] (better sidebar navigation, proper layout constraints so that UI elements look nice, e.g. the button's in the Settings page are a mile long, update UI to modern desktops(current is reminiscent of the KDE 3 era), etc..)
2. Rethink the progress bar [Shinnok]
3. Make due with the various usability issues [Shinnok]

1. Make sure all strings are translatable and add language switching support [Mathieu]
2. Add the –fork and OpenMP support so that we can use multi core (an option should be available for selecting how many cores should be used) [Mathieu]
3. Rename Output tab to Console log/journal and also print JtR cmds, as well as important debug info (allows the user to inspect commands Johnny issued to JtR as well as the resulting output) [Mathieu]
4. Preliminary Windows support (JtR terminate issue) [Mathieu+Shinnok]
5. Code TODOs and NOTEs cleanup [Mathieu]

1. Manual plain-text guessing for individual ciphers (directly in the table view) [Mathieu]
2. Hash type suggestion/guessing for individual hashes (which is the best way? do we have any support from JtR jumbo with that) [Mathieu]
3. Separate the CLI wrapper and compute handlers from the UI code and use proper threading. Any delays in processing or JtR crashes shouldn't affect or be mirrored by Johnny. [Shinnok+Mathieu]

1. Multiple pwd files session management(multiple cracking sessions management)
2. Ability to select/deselect individual hashes from being handled in a cracking session(maybe via a simple checkbox to each row?)
3. Search/Filter inside the Passwords tab table view

1. Export to CSV and columnated txt.
2. Dictionary editing and generation based on interactive rule sets?
3. Figure out how to implement *2john conversion support and implement it

1. Jumbo support (this task needs an evaluation and a further breakdown)

1. Add tooltips to all UI actions that are not very self explanatory to a new comer
2. Maybe change the icon pack [TBD Shinnok]
3. Support for OS X and distribution package(?DMG package, should include JtR?)
4. Does Windows build?
5. Figure out distribution channels and platforms installers. See category Brainstorming bellow.

1. Fix any outstanding bugs left or introduced lately.
2. Polish up the UI and resolve edge cases.
3. Proper installers, if any. See category Brainstorming bellow.

1. Post-cracking statistics regarding the frequency of passwords, characters and lengths, would be nice. Provided in a new statistics pane.
2. Further jumbo integration
3. To the future and beyond

…

• Do we want to officially support and maintain any platform installers(Windows, OS X, Debian, Ubuntu)? Is that too much trouble for us or should we just rely on 3rd party distrib. maintainers or others to do that? That is only provide build from source INSTALL instructions.
• Is there any value in doing so even if we don't bundle JtR itself into the platform bundle too? Is this sound to do at all for Linux distros(regarding the bundling), or too much trouble?
• Is there any value in being able to run multiple instances of Johnny on the same machine? Probably not if we implement sessions..
• How can we support distributed JtR cracking in the future?