Public bug reported:
Assume you want to create a keyring for secrets that you only need
rarely and thus want to access only on demand (not unlock on every login
session).
Whenever you access/unlock the keyring for the first, second, etc. time,
the "Unlock keyring" dialog asks for the password and has a preselected
checkbox "Automatically unlock this keyring whenever I'm logged in".
This is however not the current setting for this keyring, so it
constitutes a change of a setting, which counteracts the (likely)
intention of the user.
It is to easily to type the password and hit enter, thereby changing
this keyring to an automatically unlocked one, and this risk happens
repeatedly everytime you unlock it. In case you forgot to uncheck the
checkbox, the only way to restore the original setting is hidden (not in
keyring → properties, but only by setting a new password).
A security-focused application should also not have defaults that tend to
decrease security in favor of usability.
Having the checkbox preselected gains less extra usability (for the case the
user wants to change the keyring to be automatically unlocked: 1 click saved)
than that it decreases usability (in case the user wants to keep the keyring
manual: 1 click everytime to unselect it).
A possible fix is to not preselect the checkbox.
version 3.10.2 in Ubuntu 14.04 as well as in the version in Ubuntu 15.10
** Affects: seahorse (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to seahorse in Ubuntu.
https://bugs.launchpad.net/bugs/1534645
Title:
Cannot easily preserve a keyring to be only unlocked manually
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/1534645/+subscriptions
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
