The recently introduced feature to show the entered password on the lockscreen makes it vulnerable to social engineering and endangers the whole security of the current user. If someone enters his (partial) password but for some reason doesn't immediately push <RETURN> before leaving his workplace unattended, anyone else walking by could reveal the user's (partial) password. This is basically leaving the password in plain text on a post-it on the desk.

The password field should be cleared:

- after X seconds of inactivity
- when switching to another VT
- when suspending/resuming

Besides that, it might make sense to introduce a (Kiosk-controllable) option to disable the "Show password" functionality in the lockscreen.
There is: lineedit_reveal_password
But yeah, clearing the password after a certain amount of time and/or when switching VTs makes sense.
…and also related: The password field shouldn't even be shown while the lockscreen is still in its "grace period" where it allows unlocking without a password as it implies a false sense of security during this period.
From what I can tell the password field is disabled when it's still in grace period:

enabled: !authenticator.graceLocked
(In reply to Kai Uwe Broulik from comment #4)
> From what I can tell the password field is disabled when it's still in grace
> period:
>
> enabled: !authenticator.graceLocked

It's not disabled here… the cursor blinks from the very first moment in the input field once the screen is locked.

Even if it was disabled, it would still provide a false sense of security: when just briefly looking at the locked screen before leaving the workplace, the visible password field tells me "this workplace is secure, I need to enter a password to access it".

I'd strongly vote for completely hiding it and possibly even indicating the "insecure grace status" in some way during the grace period. Maybe some UX people could weigh in here?
Note that the grace period is only when the lock screen kicks in automatically; if you press Ctrl+Alt+L and lock it manually, it's never in grace period and always requires a password to be unlocked.
(In reply to Kai Uwe Broulik from comment #6)
> Note that the grace period is only when the lock screen kicks in
> automatically, if you press Ctrl+Alt+L and lock it manually, it's never in
> grace period and always requires a password to be unlocked.

I explicitly tested this scenario before writing my previous comment :)
(In reply to Elias Probst from comment #7)
> (In reply to Kai Uwe Broulik from comment #6)
> > Note that the grace period is only when the lock screen kicks in
> > automatically, if you press Ctrl+Alt+L and lock it manually, it's never in
> > grace period and always requires a password to be unlocked.
>
> I explicitly tested this scenario before writing my previous comment :)

…by which I mean: I waited for the lockscreen to show up instead of manually locking.
(In reply to Elias Probst from comment #0)
> The password field should be cleared:
>
> - after X seconds of inactivity
> - when switching to another VT
> - when suspending/resuming

Done in https://cgit.kde.org/plasma-workspace.git/commit/?id=a4e18e2be1348e7d6fd7fbe0c553ef0eb7120319
*** This bug has been marked as a duplicate of bug 412252 ***