Announcement

Collapse
No announcement yet.

Please discuss merits/problems Kwallet Gnome Keyring/passwords

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Please discuss merits/problems Kwallet Gnome Keyring/passwords

    Please, for the sake of people who may be migrating to Kubuntu from "Ubuntu Unity/possible HUD", do not post replies that are "rants".

    Kwallet has a lot of detractors, but so does Gnome "keyring".

    I would like for someone who actually knows about them both to discuss them in a sane manner so that the new user, who will be used to the Gnome way of doing things, can have a little bit of perspective.

    After said discussion, if the new user desires to ask a question about Kwallet, at some time in the future, there will be some small perspective within which to couch said question.

    My thanks in advance to anyone AND all who post a discussion.

    woodsmoke

    #2
    Lucky kwallet and the gnome keyring are being better integrated with each other... kde 4.8 now uses Secret Service and gnome something similar (though I am not familar with the gnome end of things). The idea behind it is to use a common dbus api for both gnome and kde so that applications don't need to care about which one they are connecting to (ie gnome applications will be able to use kwallet and vise versa).

    Comment


      #3
      While not being "someone who actually knows about them both", I've used both. And both do the job fine. The job is storing passwords (etc) so that only the logged in user can retrieve them.

      KWallet has one issue (for me and lots of people): you have to enter a master password for it after logging in. This should not be necessary, but I have not found a solution to it.

      Other than that, I'm not aware of any differences in approach / philosophy. Are there?
      I'd rather be locked out than locked in.

      Comment


        #4
        Originally posted by SecretCode View Post
        KWallet has one issue (for me and lots of people): you have to enter a master password for it after logging in
        Allot of people find this an issue (and for a very long time). Hopefully with the new infrastructure in place it will be only a matter of time before it gets resolved.

        For now I tend to store my network keys unencrypted so they don't bug me when I log in and have started to use lastpass for my browsers... though for some reason chromium still keeps bugging me to unlock kwallet even though I have told it not to store anything

        Comment


          #5
          Originally posted by SecretCode View Post
          KWallet has one issue (for me and lots of people): you have to enter a master password for it after logging in. This should not be necessary, but I have not found a solution to it.
          Actually, it isn't necessary. After a fresh install, on KWallet's first run it'll prompt you for a master password. You can leave this blank -- I always do. Just ignore the dire warnings.

          To remove the password from your existing wallet:

          1. Run kwalletmanager. Or if it's in your system tray, possibly in the list of hidden icons, open it.
          2. Right-click your wallet
          3. Choose Change Password
          4. Enter your wallet password
          5. In the new password dialog, don't fill in anything. Just click OK.
          6. Say "yes," mommie to the inevitable warning dialog.

          Comment


            #6
            My installation doesn't have a yes mommie option ...








            Tried that. Will report back ... if I need to reboot within the next few weeks, that is!

            I assume this doesn't really achieve the objective of keeping secrets secret from other users though? It hardly matters to me as the sole user of the machine, but it's still an issue with kwallet.
            I'd rather be locked out than locked in.

            Comment


              #7
              Originally posted by SecretCode View Post
              I assume this doesn't really achieve the objective of keeping secrets secret from other users though? It hardly matters to me as the sole user of the machine, but it's still an issue with kwallet.
              Yup, as the only user of my machine, I see no need to put a password on KWallet. And by configuring it this way, KWallet mostly stays out of my way. The first time an application wants to store a secret, KWallet will raise a dialog; I simply indicate "Remember always" and then it never bothers me again.

              Comment


                #8
                Hi guys,

                thanks for all the replies they are great.

                One reason that Kwallet is needed is that Akonadi/Kontact "require" the use of Kwallet to store the passwords for things like the Akonadi, gcalendar resource.

                I did notice on SuperOS that there is a password manager for the gnome ring and it has listed in it that "there is a password for widget x". One does not know what the password is, but one can delete it by simply clicking and deleting. A hostile entitity could remove the passwords and put new ones in through the app but you just remove it.

                The "problem" with Kontact gcalendar is that there is some kind of "bug" in the way that Kwallet interacts with the mysql lite so that "somewhere" the password get lost after either the first use of calendar or later on, it is kind of hazy because of the way the warning boxes display what it thinks is going wrong.

                So.. thanks for the comments, if there are any others please post them.

                woodsmoke

                Comment

                Working...
                X