Bug 472297

Summary: Feature Request: Pin Code Unlock
Product: [Unmaintained] kscreenlocker Reporter: FuturDreamz <graham.fluet>
Component: generalAssignee: Plasma Bugs List <plasma-bugs-null>
Status: RESOLVED INTENTIONAL    
Severity: wishlist CC: nate
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Neon   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description FuturDreamz 2023-07-16 06:48:22 UTC 
SUMMARY
The ability to unlock a computer using a numerical 4-6 digit pin code. Pin code for initial login and unlocking Kwallet as a desired but optional consideration. Pin code is NOT being considered at this time for use for accessing sudo functions, system changes, or installing/changing applications.

PURPOSE
To provide a balance between ease of use and security, where physical access to the computer is controlled. Pin code authentication file to be secured so that only kscreenlocker and ksettings can view and access file.
Pin code unlock could be disabled by default, requiring admin permission to enable and use.

USE CASES
1. Office location where the user is not in a private office and is expected to step away from the computer for short periods. using a PIN code allows the user to be able to quickly unlock the computer and resume work, without having a password simple enough to be brute forced by software with network access - or encouraging the user to violate security practices by keeping a physical note within eyesight of the workstation.
2. Home location where the computer is available for guest use, or is a secondary computer (such as a HTPC) where individuals are not expected to have their own user accounts. This allows the owner to grant limited access to the computer, without having to provide a customized experience or an account that can have it's password easily guessed by network or device intrusions.
Comment 1 Nate Graham 2023-09-11 22:12:33 UTC 
My understanding of the reason for this feature on smartphones is because typing a long password is so annoying that people set short passwords, defeating the security of passwords. But on a desktop system, typing a long password, or even a medium length password presents no problems because the presence of a physical keyboard makes the task easy.

In both of your examples, if security is not much of a consideration, then the account's password itself should simply be short. And if security is a consideration, it should be long.

Additionally, in the case of a shared computer in a non-secure environment, typically the machine has one account with no password, or else multiple accounts with simple passwords.

So I don't think we will be considering this, sorry!