https://bugs.kde.org/show_bug.cgi?id=467900
Bug ID: 467900 Summary: Security concern for login in with KDE Online Accounts Classification: Frameworks and Libraries Product: kio-gdrive Version: 22.08.1 Platform: Other OS: Linux Status: REPORTED Severity: wishlist Priority: NOR Component: general Assignee: elvis.angelac...@kde.org Reporter: siloco...@gmail.com Target Milestone: --- Created attachment 157675 --> https://bugs.kde.org/attachment.cgi?id=157675&action=edit KDE Online Account popup hard to identify target or browser. The issue is when I want to connect KDE Online Accounts and I get what looks like the Google login page. The login page should be a separate browser based window showing the complete google url that you want to use to connect. Currently it is just a plain popup which means I have no way of trusting it with my password that in fact it is KDE's Online Accounts popup or someone else's man in the middle popup as KDE. Here is the example signup window I am talking about: [url]https://ibb.co/HNkMLFd[/url] Normally when I connect accounts using google, Chrome or some other legit browser pops up with the full URL displayed at the top that you can verify the request is going to Google for authentication. I think it should looks something like this. Notice how it is a browser window with full URL in display. https://ibb.co/zm53QT8 Is there possibly another way to connect the KDE Online Account that clearly shows a legitimate browser and it's URL. -- You are receiving this mail because: You are watching all bug changes.