[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Juraj]

https://bugs.kde.org/show_bug.cgi?id=391298

Juraj  changed:

   What|Removed |Added

  Latest Commit|https://invent.kde.org/netw |https://invent.kde.org/netw
   |ork/falkon/commit/6a258adc3 |ork/falkon/commit/261bef6d6
   |15f78f7bd2f25db25248865690c |5d90ae6893e9a22a653355f3491
   |e27f|e71c

--- Comment #11 from Juraj  ---
Git commit 261bef6d65d90ae6893e9a22a653355f3491e71c by Juraj Oravec.
Committed on 12/03/2023 at 22:03.
Pushed by jurajo into branch 'release/23.04'.

KWallet: Store passwords entries in map fortmat
FIXED-IN: 23.04.0

Signed-off-by: Juraj Oravec 

M  +69   -39   src/plugins/KDEFrameworksIntegration/kwalletpasswordbackend.cpp

https://invent.kde.org/network/falkon/commit/261bef6d65d90ae6893e9a22a653355f3491e71c

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Juraj]

https://bugs.kde.org/show_bug.cgi?id=391298

Juraj  changed:

   What|Removed |Added

  Latest Commit|https://invent.kde.org/netw |https://invent.kde.org/netw
   |ork/falkon/commit/52ae23a36 |ork/falkon/commit/6a258adc3
   |b3e61e5a293de7c4ac517492e49 |15f78f7bd2f25db25248865690c
   |c67f|e27f

--- Comment #10 from Juraj  ---
Git commit 6a258adc315f78f7bd2f25db25248865690ce27f by Juraj Oravec.
Committed on 12/03/2023 at 22:00.
Pushed by jurajo into branch 'master'.

KWallet: Store passwords entries in map fortmat
FIXED-IN: 23.04.0

Signed-off-by: Juraj Oravec 

M  +69   -39   src/plugins/KDEFrameworksIntegration/kwalletpasswordbackend.cpp

https://invent.kde.org/network/falkon/commit/6a258adc315f78f7bd2f25db25248865690ce27f

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Juraj]

https://bugs.kde.org/show_bug.cgi?id=391298

Juraj  changed:

   What|Removed |Added

 Status|REPORTED|RESOLVED
  Latest Commit||https://invent.kde.org/netw
   ||ork/falkon/commit/52ae23a36
   ||b3e61e5a293de7c4ac517492e49
   ||c67f
 Resolution|--- |FIXED
   Version Fixed In||23.04.0

--- Comment #9 from Juraj  ---
Git commit 52ae23a36b3e61e5a293de7c4ac517492e49c67f by Juraj Oravec.
Committed on 28/01/2023 at 19:37.
Pushed by jurajo into branch 'kwallet_map_rewrite'.

KWallet: Store passwords entries in map fortmat
FIXED-IN: 23.04.0

Signed-off-by: Juraj Oravec 

M  +69   -39   src/plugins/KDEFrameworksIntegration/kwalletpasswordbackend.cpp

https://invent.kde.org/network/falkon/commit/52ae23a36b3e61e5a293de7c4ac517492e49c67f

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Erik Quaeghebeur]

https://bugs.kde.org/show_bug.cgi?id=391298

--- Comment #8 from Erik Quaeghebeur  ---
(In reply to Justin from comment #7)
> I think from a security standpoint plain text passwords are bad. But if a
> user wishes to put their passwords in plain text it could certainly be an
> option, but not the default.
This is not about plain-text versus encrypted passwords. KWallet takes care of
the encryption. Comment #3 makes this clear:

> It's fully "documented" in the source code, if you want you can easily parse 
>it.

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Justin]

https://bugs.kde.org/show_bug.cgi?id=391298

Justin  changed:

   What|Removed |Added

 CC||justin.zo...@gmail.com

--- Comment #7 from Justin  ---
I think from a security standpoint plain text passwords are bad. But if a user
wishes to put their passwords in plain text it could certainly be an option,
but not the default.

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[dharman]

https://bugs.kde.org/show_bug.cgi?id=391298

--- Comment #6 from dharman  ---
(In reply to David Rosca from comment #5)
> I never said I am against implementing it, patches welcome.

If there aren't other options, I hope, some day, to be able to retrieve the
time needed to implement the resolutive patch! :)


> Well, you make it sound like it actually is very important...

Oh, no sir! It's only the reason because I've opened this ticket.

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[David Rosca]

https://bugs.kde.org/show_bug.cgi?id=391298

--- Comment #5 from David Rosca  ---
(In reply to dharman from comment #4)
> 
> I was thinkining to fdevelop a fork of your Kwallet plugin to permit this
> feature. But I would prefer do not duplicate efforts...

I never said I am against implementing it, patches welcome.

> 
> ...after all...it's nothing huge or so important...IMHO.

Well, you make it sound like it actually is very important...

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[dharman]

https://bugs.kde.org/show_bug.cgi?id=391298

--- Comment #4 from dharman  ---
(In reply to David Rosca from comment #3)
> (In reply to Max from comment #2)
> > It's very inconvenient that in applications like KWalletManager instead of
> > expected 'Passwords' we got binary blob in weird and undocumented format.
> 
> It's fully "documented" in the source code, if you want you can easily parse
> it.
> 
> > pretty-much defeats the purpose of kwallet as cross-application secure and
> > portable way to store password.
> 
> How? You should only need to read / edit the passwords from Falkon, not from
> external tools.
> 
> > I think the priority should be set higher
> > for this bug: extension with bad design is even worse than no extension - it
> > breaks people's expectations and give false hope that some feature is
> > implemented while in reality it isn't.
> 
> Yeah ... no.

Ok, this project is your puppy, and I thank you a lot for started it. But...as
part of a community, I wish to ask you to let us (a.k.a. the final users) to
decide if save password in plain text or binary mode. Otherwise this project is
no so much different than Chromium itself

I was thinkining to fdevelop a fork of your Kwallet plugin to permit this
feature. But I would prefer do not duplicate efforts...

...after all...it's nothing huge or so important...IMHO.

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[David Rosca]

https://bugs.kde.org/show_bug.cgi?id=391298

--- Comment #3 from David Rosca  ---
(In reply to Max from comment #2)
> It's very inconvenient that in applications like KWalletManager instead of
> expected 'Passwords' we got binary blob in weird and undocumented format.

It's fully "documented" in the source code, if you want you can easily parse
it.

> pretty-much defeats the purpose of kwallet as cross-application secure and
> portable way to store password.

How? You should only need to read / edit the passwords from Falkon, not from
external tools.

> I think the priority should be set higher
> for this bug: extension with bad design is even worse than no extension - it
> breaks people's expectations and give false hope that some feature is
> implemented while in reality it isn't.

Yeah ... no.

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Max]

https://bugs.kde.org/show_bug.cgi?id=391298

--- Comment #2 from Max  ---
It's very inconvenient that in applications like KWalletManager instead of
expected 'Passwords' we got binary blob in weird and undocumented format. It
pretty-much defeats the purpose of kwallet as cross-application secure and
portable way to store password. I think the priority should be set higher for
this bug: extension with bad design is even worse than no extension - it breaks
people's expectations and give false hope that some feature is implemented
while in reality it isn't.

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Max]

https://bugs.kde.org/show_bug.cgi?id=391298

Max  changed:

   What|Removed |Added

 CC||sur...@alumni.ntnu.no

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Erik Quaeghebeur]

https://bugs.kde.org/show_bug.cgi?id=391298

Erik Quaeghebeur  changed:

   What|Removed |Added

 CC||k...@equaeghe.nospammail.net

--- Comment #1 from Erik Quaeghebeur  ---
I can confirm that having password data in kwallet in structured plain text
format is very convenient. It allows searching passwords, websites, usernames,
etc. It is essential for cross-application portability.

Suggestion: change type from ‘normal’ to ‘wishlist’.

-- 
You are receiving this mail because:
You are watching all bug changes.

[Falkon] [Bug 391298] Kwallet extension save password in binary mode instead text

[Rico Rommel]

https://bugs.kde.org/show_bug.cgi?id=391298

Rico Rommel  changed:

   What|Removed |Added

 CC||r...@bierrommel.de

-- 
You are receiving this mail because:
You are watching all bug changes.