Review Request: New Kwallet scheme for Khtml user-password form saving (enabling multiple accounts per site)

todd rme toddrme2178 at gmail.com
Tue Aug 10 16:44:08 BST 2010


On Tue, Aug 10, 2010 at 10:49 AM, Eduardo Robles Elvira
<edulix at gmail.com> wrote:
> On Tue, Aug 10, 2010 at 4:03 PM, Martin Sandsmark
> <sandsmark at samfundet.no> wrote:
>> On Tue, Aug 10, 2010 at 08:48:03AM +0200, Oswald Buddenhagen wrote:
>>> otoh, konqueror's current behavior is a royal PITA to use.
>>> there should be some hierarchical treatment of urls with automatic
>>> propagation of completion data to deeper nested directories (and a
>>> manual way to propagate up).
>>
>> It's not given that they belong to the same page, though. So it will become a
>> potential security hole, no?
>>
>>
>>> in addition (or at least alternatively) there should be a way to link
>>> forms into a "cluster", so one doesn't have to re-enter the same
>>> credentials into a hundred different pages when they are all connected
>>> to the same authentication provider.
>>
>> I'm not sure what you mean here. What is an "authentication provider" in this
>> context?
>
> I think he means that if two sites use e.g. Google account
> user/password for authentication, you should be able to tell that to
> the web browser instead of needing to write the same password again
> and again for each web site. Even if the host is completely different.
> And if your password changes, then again in those N places. For me,
> this seems like a good idea in need of a good secure, and well-thought
> UI.
>
> Interestingly, instead of multiple accounts per site which the
> proposed patch provides, Ossi is asking for multiple sites per
> account. Which is the opposite but actually related: with the patch
> proposed by Filip, sites which share the same KUrl::host() will share
> the same user accounts, which of course has the security issues mentioned in
> this thread. That's a first approximation of how to implement this
> feature Ossi is proposing. Perhaps what's needed is to face this
> problem in a more generic way to let the user choose which
> user/password accounts can be reused in different websites
> instead. Probably we should ask the usability people, they might come
> up with this wonderful idea for the UI! =)

How about this: When a user sets a username and password, it stores it
on a per-web page basis.  When a user sets the username on a web page,
it first searches for a username for the same web page.  If one
doesn't exist, it searches for a username for the same host.  If it
finds one, it pops up a message saying that it has found a username
for another web page on the same host, do you want to use it on this
web page, or on all web pages on this host, or enter a new password.
If it finds more than one, it gives the user a list of web pages on the
host and lets the user pick one or none.  If the user changes the
password on one web page on the host, the user is asked if he or she
wants to change the password for this host or change it for all hosts
sharing the same password.

I'll give an example:

Let's say there is a password stored for www.kde.org/developers, and
the user tries to type in the same username for www.kde.org/users.
The user is given this message:

   You have a stored password for a similar web page
(www.kde.org/developers) with the same username.  What would you like
to do?

        -Use the same password here
        -Use the same password for all sites like this (kde.org)
        -Enter a new password.
        -Enter a new password for all sites like this (kde.org)


Let's say the user does number three, then tries to log on to
www.kde.org/testers using the same username.  This message appears:

   You have multiple stored passwords for similar web pages with the
same username.  What would you like to do?

        -Use the password from the following website here:
            [dropdown with www.kde.org/users and www.kde.org/developers]
        -Use the password from the following website for all
future sites like this (kde.org)
            [dropdown with www.kde.org/users and www.kde.org/developers]
        -Enter a new password
        -Enter a new password for all sites like this (kde.org)

Now let's say the user does option 2 for www.kde.org/developers.  Then
the user logs in to www.kde.org/artists, but uses yet a different
password.  He or she gets this message:

   You entered a password different than the one you stored for sites
like this (kde.org).  What would you like to do?

       -Keep the stored password
       -Change the password only for this website (www.kde.org/artists)
       -Change the passwords for all sites sharing this password (most
of kde.org)

In the last case it would leave out the "most of" if all of kde.org
used the same password.

-Todd
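A toy model of the lookup and update scheme Todd sketches above, added here as an example; it is not code from the thread, from KHTML or from KWallet. It assumes the "all sites like this" scope is keyed on the exact host (what the thread calls KUrl::host()) rather than a parent domain like kde.org, and the class, URLs and usernames are constructed for illustration.

```python
from urllib.parse import urlsplit


class PageCredentialStore:
    """Per-page passwords plus an optional host-wide scope (constructed model)."""

    def __init__(self):
        self.pages = {}  # (host, path) -> {username: password}
        self.hosts = {}  # host -> {username: password}: "all sites like this"

    @staticmethod
    def key(url):
        parts = urlsplit(url)
        return parts.hostname.lower(), (parts.path or "/")

    def store(self, url, username, password, whole_host=False):
        host, path = self.key(url)
        self.pages.setdefault((host, path), {})[username] = password
        if whole_host:  # user picked "... for all sites like this"
            self.hosts.setdefault(host, {})[username] = password

    def lookup(self, url, username):
        """Prompt to show once the username is typed: (kind, {source: password})."""
        host, path = self.key(url)
        if username in self.pages.get((host, path), {}):
            return "page", {path: self.pages[(host, path)][username]}
        if username in self.hosts.get(host, {}):
            return "host", {"*": self.hosts[host][username]}
        # Siblings match on the exact host only: a parent domain or lookalike
        # host gets nothing, which is the hole Martin raised in the thread.
        siblings = {p: c[username] for (h, p), c in self.pages.items()
                    if h == host and username in c}
        if not siblings:
            return "none", {}
        return ("single" if len(siblings) == 1 else "multiple"), siblings

    def submit(self, url, username, password):
        """'conflict' when a host-wide password exists and differs: ask the user."""
        stored = self.hosts.get(self.key(url)[0], {}).get(username)
        return "none" if stored is None else ("match" if stored == password else "conflict")

    def change_shared(self, url, username, new_password):
        """Rewrite the host-wide entry and only the pages still holding its old value."""
        host, _ = self.key(url)
        old = self.hosts[host][username]
        targets = [c for (h, _), c in self.pages.items()
                   if h == host and c.get(username) == old]
        for c in targets + [self.hosts[host]]:
            c[username] = new_password
        return len(targets)
```

Walking the mail's three scenarios through it: the first lookup on /users finds the single /developers entry, the lookup on /testers finds both, and after option 2 a different password typed on /artists yields "conflict"; change_shared then rewrites only the pages that still share the old password, leaving /users alone.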