D15240: Create a default wallet when user refuses to do so

2018-09-05 Thread Nathaniel Graham 
ngraham added a comment.


  In D15240#320867 , @bruns wrote:
  
  > Can't we use pam_kwallet to receive the password and automatically create 
the wallet when the user logs in for the first time?
  >
  > Of course, some caveats apply, passwordless login, smart cards, trivial 
password ...
  
  
  If that's technically feasible, that would work too. However keep in mind 
that some distros like openSUSE deliberately do not ship with `pam_kwallet` 
(see https://bugzilla.suse.com/show_bug.cgi?id=1034347).
  
  Ultimately I don't have strong opinions on implementation, but I do think we 
should come up with some way to avoid presenting the user with a surprise 
wizard full of nerdy options.

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks, ngraham
Cc: bruns, ngraham, abetts, kde-frameworks-devel, michaelh

D15240: Create a default wallet when user refuses to do so

2018-09-05 Thread Stefan BrĂ¼ns 
bruns added a comment.


  > In D15240#320224 , @abetts wrote:
  > 
  >> I can see this argument as very valuable. I have also been a little 
startled by setting this up when you first start using Plasma or create your 
first password. I have not seen this in other systems. I know also we care for 
security and transparency. Maybe we should reconsider the wizard and use a more 
automated approach. Thoughts?
  > 
  > 
  > I would favor automatically creating a default wallet with the user's 
current password using a "good enough" cipher that we can hopefully all agree 
on. This would probably require changes to user-manager, or whatever it is that 
receives the string used for a new account's password. At the moment when a new 
user account is created, it would not only create the new user account, but it 
would also create a wallet using the same password.
  
  Can't we use pam_kwallet to receive the password and automatically create the 
wallet when the user logs in for the first time?
  
  Of course, some caveats apply, passwordless login, smart cards, trivial 
password ...

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks, ngraham
Cc: bruns, ngraham, abetts, kde-frameworks-devel, michaelh

D15240: Create a default wallet when user refuses to do so

2018-09-05 Thread Oleg Solovyov 
McPain added a comment.


  In D15240#320542 , @ngraham wrote:
  
  > I would favor automatically creating a default wallet with the user's 
current password using a "good enough" cipher that we can hopefully all agree 
on. This would probably require changes to user-manager, or whatever it is that 
receives the string used for a new account's password. At the moment when a new 
user account is created, it would not only create the new user account, but it 
would also create a wallet using the same password.
  
  
  What if we create a user in AD? (Active Directory or something similar, not 
local user)

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks, ngraham
Cc: ngraham, abetts, kde-frameworks-devel, michaelh, bruns

D15240: Create a default wallet when user refuses to do so

2018-09-05 Thread Oleg Solovyov 
McPain added a comment.


  In D15240#320542 , @ngraham wrote:
  
  > Stuff that doesn't work with KWallet should be fixed. But the point would 
be moot if we create a default wallet in a more user-friendly manner...
  
  
  I never told that there are stuff that doesn't work with KWallet
  I'm saying about stuff that doesn't work _without_ KWallet :)

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks, ngraham
Cc: ngraham, abetts, kde-frameworks-devel, michaelh, bruns

D15240: Create a default wallet when user refuses to do so

2018-09-04 Thread Nathaniel Graham 
ngraham added a comment.


  In D15240#319994 , @McPain wrote:
  
  > What could you say about stuff that doesn't work without wallet but 
stubborn user always _refuses_ to create one?
  
  
  I would say that the computer should conform to the user's desires, not the 
other way around. :) Stuff that doesn't work with KWallet should be fixed. But 
the point would be moot if we create a default wallet in a more user-friendly 
manner...
  
  In D15240#320224 , @abetts wrote:
  
  > I can see this argument as very valuable. I have also been a little 
startled by setting this up when you first start using Plasma or create your 
first password. I have not seen this in other systems. I know also we care for 
security and transparency. Maybe we should reconsider the wizard and use a more 
automated approach. Thoughts?
  
  
  I would favor automatically creating a default wallet with the user's current 
password using a "good enough" cipher that we can hopefully all agree on. This 
would probably require changes to user-manager, or whatever it is that receives 
the string used for a new account's password. At the moment when a new user 
account is created, it would not only create the new user account, but it would 
also create a wallet using the same password.

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks, ngraham
Cc: ngraham, abetts, kde-frameworks-devel, michaelh, bruns

D15240: Create a default wallet when user refuses to do so

2018-09-04 Thread Andres Betts 
abetts added a comment.


  In D15240#319850 , @ngraham wrote:
  
  > This strikes me as likely to cause intense frustration. Consider the 
following dramatized dialogue between a user and the computer:
  >
  > User: "Neat, I just set up this KDE plasma thing. Let's start seeing what 
cool stuff it can do!"
  >  Computer: "Hey hey hey first what kind of KWallet do you want to create? 
Technical jargon thingy 1, or technical jargon thingy 2? Huh? Huh? What'll it 
be O noble user!?"
  >  User: "Okay, I have no idea, let me cancel out of this stupid thing..."
  >  Computer: "Don't worry I created a thing anyway and chose technical jargon 
thingy 1 for you!"
  >
  > Speaking personally, this sort of experience would make me want to put my 
fist through the screen.
  >
  > It might be worth stepping back and asking more higher-level questions like:
  >  "Why are users cancelling the wizard? Is it too technically intimidating?"
  >  "Should we even have a wizard at all? Maybe should we create a wallet 
automatically by default and let advanced users change its settings or delete 
it if they don't like it?"
  
  
  I can see this argument as very valuable. I have also been a little startled 
by setting this up when you first start using Plasma or create your first 
password. I have not seen this in other systems. I know also we care for 
security and transparency. Maybe we should reconsider the wizard and use a more 
automated approach. Thoughts?

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks, ngraham
Cc: ngraham, abetts, kde-frameworks-devel, michaelh, bruns

D15240: Create a default wallet when user refuses to do so

2018-09-04 Thread Oleg Solovyov 
McPain added a comment.


  In D15240#319850 , @ngraham wrote:
  
  > This strikes me as likely to cause intense frustration. Consider the 
following dramatized dialogue between a user and the computer:
  >
  > User: "Neat, I just set up this KDE plasma thing. Let's start seeing what 
cool stuff it can do!"
  >  Computer: "Hey hey hey first what kind of KWallet do you want to create? 
Technical jargon thingy 1, or technical jargon thingy 2? Huh? Huh? What'll it 
be O noble user!?"
  >  User: "Okay, I have no idea, let me cancel out of this stupid thing..."
  >  Computer: "Don't worry I created a thing anyway and chose technical jargon 
thingy 1 for you!"
  >
  > Speaking personally, this sort of experience would make me want to put my 
fist through the screen.
  >
  > It might be worth stepping back and asking more higher-level questions like:
  >  "Why are users cancelling the wizard? Is it too technically intimidating?"
  >  "Should we even have a wizard at all? Maybe should we create a wallet 
automatically by default and let advanced users change its settings or delete 
it if they don't like it?"
  
  
  What could you say about stuff that doesn't work without wallet but stubborn 
user always _refuses_ to create one?

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks, ngraham
Cc: ngraham, abetts, kde-frameworks-devel, michaelh, bruns

D15240: Create a default wallet when user refuses to do so

2018-09-03 Thread Nathaniel Graham 
ngraham requested changes to this revision.
ngraham added a comment.
This revision now requires changes to proceed.


  This strikes me as likely to cause intense frustration. Consider the 
following dramatized dialogue between a user and the computer:
  
  User: "Neat, I just set up this KDE plasma thing. Let's start seeing what 
cool stuff it can do!"
  Computer: "Hey hey hey first what kind of KWallet do you want to create? 
Technical jargon thingy 1, or technical jargon thingy 2? Huh? Huh? What'll it 
be O noble user!?"
  User: "Okay, I have no idea, let me cancel out of this stupid thing..."
  Computer: "Don't worry I created a thing anyway and chose technical jargon 
thingy 1 for you!"
  
  Speaking personally, this sort of experience would make me want to put my 
fist through the screen.
  
  It might be worth stepping back and asking more higher-level questions like:
  "Why are users cancelling the wizard? Is it too technically intimidating?"
  "Should we even have a wizard at all? Maybe should we create a wallet 
automatically by default and let advanced users change its settings or delete 
it if they don't like it?"

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks, ngraham
Cc: ngraham, abetts, kde-frameworks-devel, michaelh, bruns

D15240: Create a default wallet when user refuses to do so

2018-09-03 Thread Oleg Solovyov 
McPain added a reviewer: Frameworks.

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

To: McPain, #frameworks
Cc: kde-frameworks-devel, michaelh, ngraham, bruns

D15240: Create a default wallet when user refuses to do so

2018-09-03 Thread Oleg Solovyov 
McPain created this revision.
Herald added a project: Frameworks.
Herald added a subscriber: kde-frameworks-devel.
McPain requested review of this revision.

REVISION SUMMARY
  This patch allows creating a default wallet with empty password when user 
explicitly refuses to create one (tons of KWallet dialogs looks annoying)
  
  Also, KWallet will notify user once the wallet was created.

REPOSITORY
  R311 KWallet

REVISION DETAIL
  https://phabricator.kde.org/D15240

AFFECTED FILES
  src/runtime/kwalletd/kwalletd.cpp

To: McPain
Cc: kde-frameworks-devel, michaelh, ngraham, bruns