Bug 452039

Summary: Backend-specific password length limits are not reported or respected during initial vault creation
Product: [Plasma] plasmashell Reporter: tneo
Component: Vaults widgetAssignee: Plasma Bugs List <plasma-bugs-null>
Status: CONFIRMED ---    
Severity: normal CC: ivan.cukic, nate
Priority: NOR Keywords: usability
Version First Reported In: 6.0.0   
Target Milestone: 1.0   
Platform: openSUSE   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description tneo 2022-03-29 15:46:17 UTC 
SUMMARY
There appears a password length set when creating a vault, yet it is unclear to the user what this may be. No report is given upon creation that the password is too long. Unlocking the vault with the set password throws error message that the password is wrong.


STEPS TO REPRODUCE
1. Create a vault with a long passphrase (mine was 46)
2. Lock Vault
3. Unlock Vault

OBSERVED RESULT
Error message password incorrect.

EXPECTED RESULT
1. Unlocking of my vault without errors. 
2. Message upon creation about password length allowed.

SOFTWARE/OS VERSIONS
Operating System: openSUSE Tumbleweed 20220324
KDE Plasma Version: 5.24.3
KDE Frameworks Version: 5.92.0
Qt Version: 5.15.2
Kernel Version: 5.16.15-1-default (64-bit)
Comment 1 tneo 2022-03-29 15:57:23 UTC 
I tested this a bit more the password length is limited to 32 characters. Longer passwords silently get truncated. This should either be unlimited, or the user should be notified upon creation of the vault what the limit is.
Comment 2 tneo 2022-03-29 16:00:28 UTC 
Sorry for the spam, but I can't edit my comment above.

Limit is 32 characters. Inserting 33 character passphrase creates a Vault. Lock the vault and try to unlock the Vault. The 33 character passphrase is not accepted and reducing this to 32 character does not unlock either. It is not entirely clear what happens here upon passphrase creation.
Comment 3 Ivan Čukić 2022-03-29 17:01:52 UTC 
Which backend are you using for the vault? cryfs, encfs or gocryptfs
Comment 4 tneo 2022-03-29 17:42:14 UTC 
Sorry forgot that part: CryFS