When you update your user password using the user-manager KCM, your KWallet password isn't updated. So the next time KWallet asks for a password, you'll repeatedly enter your new password in frustration before yuo figure out what happened and try the old one. It would be really nice if user-manager either updated your KWallet password for you when you changed your user password, or else prompted you to do it or something like that.
This requires equal passwords in the first place. I use a much stronger password for KWallet compared to my login. Is there a way to find out if they match? I hope not, because a password should always be a secret.
Yes, that's true. I have to assume that you can compare hashes to find out if that match, or maybe ask PAM? For users who use the same password for their KWallet as they do for their user, there's a nearly 100% chance that it's for convenience. If they change their login password without the KWallet password getting updated, not only is the convenience lost, but they may be disoriented and frightened to suddenly receive password prompts they never saw before asking them for a password they may not be familiar with. In this case, it is not at all obvious that the password KWallet is asking for is their *old* password. This happened to my wife, FWIW, which is why I filed the bug.
*** Bug 413284 has been marked as a duplicate of this bug. ***
This became an "annoyed my wife" issue today. Time to go fix it...
Looks like it's possible to prompt the user when they're changing their password and they're using the default wallet. Working on it.
A possibly relevant merge request was started @ https://invent.kde.org/plasma/plasma-desktop/-/merge_requests/189
Git commit 07631c727545b56f47f9ddcb5b25a825abbcd3f3 by Nate Graham. Committed on 03/11/2020 at 18:21. Pushed by ngraham into branch 'master'. [kcms/users] Offer to change kwallet password when changing login password Right now, when a user changes their login password, their KWallet password is not changed. For users whose KWallet password was the same as their login password, this causes the two passwords to get out of sync, and then the user will be prompted to unlock their wallet the next time they log in. If they use their new password, it won't work. This is very very frustrating if you don't know what's going on. Now, when you change the login password of your own user account, and you have a wallet named "kdewallet" (the default one) in your list of wallets, you will be prompted to change the password of that wallet to match the new login password. This is optional and you don't have to do it, and you won't be prompted to do so if you don't have a wallet named "kdewallet", which indicates that you have a customized KWallet setup and you presumably know what you're doing. FIXED-IN: 5.21 M +1 -0 CMakeLists.txt A +90 -0 kcms/users/package/contents/ui/ChangeWalletPassword.qml [License: LGPL] M +12 -0 kcms/users/package/contents/ui/UserDetailsPage.qml M +1 -0 kcms/users/src/CMakeLists.txt M +18 -1 kcms/users/src/user.cpp M +3 -0 kcms/users/src/user.h https://invent.kde.org/plasma/plasma-desktop/commit/07631c727545b56f47f9ddcb5b25a825abbcd3f3