This patch allows creating a default wallet with empty password when user explicitly refuses to create one (tons of KWallet dialogs looks annoying)
Also, KWallet will notify user once the wallet was created.
ngraham |
Frameworks |
This patch allows creating a default wallet with empty password when user explicitly refuses to create one (tons of KWallet dialogs looks annoying)
Also, KWallet will notify user once the wallet was created.
Lint Skipped |
Unit Tests Skipped |
This strikes me as likely to cause intense frustration. Consider the following dramatized dialogue between a user and the computer:
User: "Neat, I just set up this KDE plasma thing. Let's start seeing what cool stuff it can do!"
Computer: "Hey hey hey first what kind of KWallet do you want to create? Technical jargon thingy 1, or technical jargon thingy 2? Huh? Huh? What'll it be O noble user!?"
User: "Okay, I have no idea, let me cancel out of this stupid thing..."
Computer: "Don't worry I created a thing anyway and chose technical jargon thingy 1 for you!"
Speaking personally, this sort of experience would make me want to put my fist through the screen.
It might be worth stepping back and asking more higher-level questions like:
"Why are users cancelling the wizard? Is it too technically intimidating?"
"Should we even have a wizard at all? Maybe should we create a wallet automatically by default and let advanced users change its settings or delete it if they don't like it?"
What could you say about stuff that doesn't work without wallet but stubborn user always _refuses_ to create one?
Also, I didn't found a way how to change wallet cipher (Blowfish -> GPG or vice versa), it seems in order to do this I have to create a new wallet, import all records from the old one and remove it
I can see this argument as very valuable. I have also been a little startled by setting this up when you first start using Plasma or create your first password. I have not seen this in other systems. I know also we care for security and transparency. Maybe we should reconsider the wizard and use a more automated approach. Thoughts?
I would say that the computer should conform to the user's desires, not the other way around. :) Stuff that doesn't work with KWallet should be fixed. But the point would be moot if we create a default wallet in a more user-friendly manner...
I would favor automatically creating a default wallet with the user's current password using a "good enough" cipher that we can hopefully all agree on. This would probably require changes to user-manager, or whatever it is that receives the string used for a new account's password. At the moment when a new user account is created, it would not only create the new user account, but it would also create a wallet using the same password.
I never told that there are stuff that doesn't work with KWallet
I'm saying about stuff that doesn't work _without_ KWallet :)
What if we create a user in AD? (Active Directory or something similar, not local user)
I would favor automatically creating a default wallet with the user's current password using a "good enough" cipher that we can hopefully all agree on. This would probably require changes to user-manager, or whatever it is that receives the string used for a new account's password. At the moment when a new user account is created, it would not only create the new user account, but it would also create a wallet using the same password.
Can't we use pam_kwallet to receive the password and automatically create the wallet when the user logs in for the first time?
Of course, some caveats apply, passwordless login, smart cards, trivial password ...
If that's technically feasible, that would work too. However keep in mind that some distros like openSUSE deliberately do not ship with pam_kwallet (see https://bugzilla.suse.com/show_bug.cgi?id=1034347).
Ultimately I don't have strong opinions on implementation, but I do think we should come up with some way to avoid presenting the user with a surprise wizard full of nerdy options.