Task Proposal: Centralized account management
Lamarque V. Souza
lamarque at kde.org
Tue Jan 24 13:00:14 UTC 2012
Em Friday 20 January 2012, Sebastian Kügler escreveu:
> > Em Friday 20 January 2012, Marco Martin escreveu:
> > > On Thursday 19 January 2012, todd rme wrote:
> > > > I assume the authentication would be stored in kwallet?
> > >
> > > for those that have username and password i guess so, yeah
> > >
> > > more complex stuff that require things like api keys eh, still don't
> > > know
> >
> > Shouldn't this take into account the encrypted activities
> >
> > implementation? If the username and password was first filled in an
> > encrypted activity it should not be available to every app on the system
> > without prior authorization. If you use kwallet without changes that is
> > exactly what is going to happen. Unless you use one wallet per encrypted
> > activity with different passwords for each of them.
>
> In which case unlocking a private activity should also unlock this private
> wallet. (This is to not have 3 password challenges upon switching
> activity, or logging in.)
I was thinking in using the activity's password as the individual wallet
password as well. In my oppinion there should be only a device password (to
lock the entire device) and individual private activity passwords. In all
other situation or "legacy" programs that requires password, like kwallet, we
should use the activity password to avoid asking for password too many times.
Everytime we change the activity password we should also change the password
of the wallet associated to that activitiy.
--
Lamarque V. Souza
KDE's Network Management maintainer
http://planetkde.org/pt-br
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/active/attachments/20120124/ae8cd1e1/attachment.html>
More information about the Active
mailing list