Tidying up password storage in Amarok
Thomas Pfeiffer
colomar at autistici.org
Fri Apr 13 08:22:40 UTC 2012
On 11.04.2012 22:21, Andrzej J. R. Hunt wrote:
> Therefore I think it's probably better to work on the assumption that all
> passwords are stored on disk -- I wouldn't think it too unreasonable to expect
> those, who want a specific password not to be in plaintext, to go to the bother
> of setting up KWallet (or whatever other backends are added) correctly?
Assuming that all passwords are stored on disk is okay. However, failing
silently if the stored password does not work is not. What if the user changes
her password for a service and forgets to update the password saved in KWallet
(which is pretty likely to happen)? Would she never become aware of that until
she wants to use that service form within Amarok again and notices that
something is wrong? That does not make sense, regardless of the way the password
is stored.
If the login fails because the stored password is incorrect, the user has to be
asked to enter the correct password. Period. Or does that already work for
KWallet & Co?
Thomas
More information about the Amarok-devel
mailing list