385610 – Lockscreen: don't time block password entry - only login attempts.

Bug 385610 - Lockscreen: don't time block password entry - only login attempts.

Summary: Lockscreen: don't time block password entry - only login attempts.

Status:	RESOLVED INTENTIONAL

Alias:	None

Product:	kscreenlocker
Classification:	Unmaintained
Component:	greeter (other bugs)
Version First Reported In:	unspecified
Platform:	Other Linux

Importance:	NOR wishlist
Target Milestone:	---
Assignee:	Plasma Bugs List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-10-11 15:31 UTC by Pascal d'Hermilly
Modified:	2017-10-12 18:48 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Pascal d'Hermilly 2017-10-11 15:31:31 UTC

If I mistype my password on the lock screen I have to wait ca. 3-5 seconds to reenter it.
I could have spent the time to reenter the password. 
It should in my opinion only time block the login attempts.

Comment 1 Martin Flöser 2017-10-11 16:29:26 UTC

This is just another case of the old: security vs. comfort.

The password field is disabled for increased security to make it more annoying to brute force the password.

Comment 2 Pascal d'Hermilly 2017-10-11 22:11:00 UTC

Right. But could it wait with the annoying part until after 3 failed attempts?
3 attempts isn't exactly "brute force".

Comment 3 Martin Flöser 2017-10-12 15:26:40 UTC

(In reply to Pascal d'Hermilly from comment #2)
> Right. But could it wait with the annoying part until after 3 failed
> attempts?
> 3 attempts isn't exactly "brute force".

Erm no, that's just too complicated to track and get right. This is security related code, better safe than sorry.

Comment 4 Pascal d'Hermilly 2017-10-12 18:48:08 UTC

ok.
Thanks for listening :-)