Task Proposal: Centralized account management

Sebastian Kügler sebas at kde.org
Tue Jan 24 13:13:21 UTC 2012


[ARGH. Please don't CC: me when I'm already on that list, it screws up 
filtering here (ends up in my private mail folder) and also makes me reply to 
persons, instead of lists. Moreover, it makes me write long offtopic stories 
about mail filtering ;-)]

On Tuesday, January 24, 2012 14:00:14 Lamarque V. Souza wrote:
> Em Friday 20 January 2012, Sebastian Kügler escreveu:
> > > Em Friday 20 January 2012, Marco Martin escreveu:
> > > > On Thursday 19 January 2012, todd rme wrote:
> > > > > I assume the authentication would be stored in kwallet?
> > > > 
> > > > for those that have username and password i guess so, yeah
> > > > 
> > > > 
> > > > 
> > > > more complex stuff that require things like api keys eh, still don't
> > > > 
> > > > know
> > > > 
> > >       Shouldn't this take into account the encrypted activities
> > > 
> > > implementation? If the username and password was first filled in an
> > > 
> > > encrypted activity it should not be available to every app on the
> > > system
> > > 
> > > without prior authorization. If you use kwallet without changes that is
> > > 
> > > exactly what is going to happen. Unless you use one wallet per
> > > encrypted
> > > 
> > > activity with different passwords for each of them.
> > 
> > In which case unlocking a private activity should also unlock this
> > private
> > 
> > wallet. (This is to not have 3 password  challenges upon switching
> > 
> > activity, or logging in.)
> 
>  
>         I was thinking in using the activity's password as the individual
> wallet password as well. In my oppinion there should be only a device
> password (to lock the entire device) and individual private activity
> passwords. In all other situation or "legacy" programs that requires
> password, like kwallet, we should use the activity password to avoid
> asking for password too many times. Everytime we change the activity
> password we should also change the password of the wallet associated to
> that activitiy.

Yep, I think making activity password also unlock the corresponding wallet 
makes sense.

Buuut ... what about passwords you would like to have available in all 
activities, i.e. most passwords?

Cheers,
-- 
sebas

http://www.kde.org | http://vizZzion.org | GPG Key ID: 9119 0EF9


More information about the Active mailing list