Bug 281423

Summary: security concern: implementation of an login and unlock screen with a password
Product: [Unmaintained] Active Reporter: Robby Engelmann <robby.engelmann>
Component: Plasma mobile shellAssignee: Marco Martin <notmart>
Status: RESOLVED UNMAINTAINED    
Severity: wishlist CC: active, fania.bremmer, groot, javier
Priority: LO    
Version: unspecified   
Target Milestone: unscheduled   
Platform: openSUSE   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Robby Engelmann 2011-09-05 19:37:28 UTC 
Version:           unspecified (using KDE 4.7.0) 
OS:                Linux

I read, it is planned to let kwallet work passwordless.
Up to now, even login and unlock, all must work without a password. For minimal security (especially important for mobile devices in my eyes) at least one password should be needed to login/unlock the device. Otherwise, everybody who steel the device is able to access all passwords in kwallet and all data. In my feeling this would be important even for a first release.

In later releases, it should be considered to implement a mechanism for disk/partition encryption.

Reproducible: Always



Expected Results:  
I would expect that a mobile device should be as safe as possible.
Comment 1 Aaron J. Seigo 2011-09-06 08:56:04 UTC 
which devices on the market have password login? at most they have pattern swiping, which is highly insecure, and which most new devices seem to simply be moving away from.

devices often have remote kill switches now, and hardware based solutions (e.g. boot PINs) seem to be the growing norm.

the defaults, for ease of use (having to pause to type in a password is a PITA and ruins the experience when you just want to grab the device from your bag / pocket and look something up quickly) and what the average consumer expects, should be passwordless imho.

we can (and for the reasons you suggest probably should) include a password option in future. for PA 1 and 2, though, i don't feel this needs to be a priority. (though i am completely in favour of contributions implementing this well being accepted if/when they appear :)
Comment 2 Sebastian Kügler 2011-09-19 13:06:26 UTC 
*** Bug 278091 has been marked as a duplicate of this bug. ***
Comment 3 Sebastian Kügler 2011-09-19 13:15:27 UTC 
*** Bug 282148 has been marked as a duplicate of this bug. ***
Comment 4 groot 2020-06-29 08:50:21 UTC 
Plasma Active is no longer under development.