I'm an user of G. Molina firefox plugin, that save the passwords in kwallet but in text format. I think it's better, because sometimes I wish to read only it without open the browser.
I can confirm that having password data in kwallet in structured plain text format is very convenient. It allows searching passwords, websites, usernames, etc. It is essential for cross-application portability. Suggestion: change type from ‘normal’ to ‘wishlist’.
It's very inconvenient that in applications like KWalletManager instead of expected 'Passwords' we got binary blob in weird and undocumented format. It pretty-much defeats the purpose of kwallet as cross-application secure and portable way to store password. I think the priority should be set higher for this bug: extension with bad design is even worse than no extension - it breaks people's expectations and give false hope that some feature is implemented while in reality it isn't.
(In reply to Max from comment #2) > It's very inconvenient that in applications like KWalletManager instead of > expected 'Passwords' we got binary blob in weird and undocumented format. It's fully "documented" in the source code, if you want you can easily parse it. > pretty-much defeats the purpose of kwallet as cross-application secure and > portable way to store password. How? You should only need to read / edit the passwords from Falkon, not from external tools. > I think the priority should be set higher > for this bug: extension with bad design is even worse than no extension - it > breaks people's expectations and give false hope that some feature is > implemented while in reality it isn't. Yeah ... no.
(In reply to David Rosca from comment #3) > (In reply to Max from comment #2) > > It's very inconvenient that in applications like KWalletManager instead of > > expected 'Passwords' we got binary blob in weird and undocumented format. > > It's fully "documented" in the source code, if you want you can easily parse > it. > > > pretty-much defeats the purpose of kwallet as cross-application secure and > > portable way to store password. > > How? You should only need to read / edit the passwords from Falkon, not from > external tools. > > > I think the priority should be set higher > > for this bug: extension with bad design is even worse than no extension - it > > breaks people's expectations and give false hope that some feature is > > implemented while in reality it isn't. > > Yeah ... no. Ok, this project is your puppy, and I thank you a lot for started it. But...as part of a community, I wish to ask you to let us (a.k.a. the final users) to decide if save password in plain text or binary mode. Otherwise this project is no so much different than Chromium itself I was thinkining to fdevelop a fork of your Kwallet plugin to permit this feature. But I would prefer do not duplicate efforts... ...after all...it's nothing huge or so important...IMHO.
(In reply to dharman from comment #4) > > I was thinkining to fdevelop a fork of your Kwallet plugin to permit this > feature. But I would prefer do not duplicate efforts... I never said I am against implementing it, patches welcome. > > ...after all...it's nothing huge or so important...IMHO. Well, you make it sound like it actually is very important...
(In reply to David Rosca from comment #5) > I never said I am against implementing it, patches welcome. If there aren't other options, I hope, some day, to be able to retrieve the time needed to implement the resolutive patch! :) > Well, you make it sound like it actually is very important... Oh, no sir! It's only the reason because I've opened this ticket.
I think from a security standpoint plain text passwords are bad. But if a user wishes to put their passwords in plain text it could certainly be an option, but not the default.
(In reply to Justin from comment #7) > I think from a security standpoint plain text passwords are bad. But if a > user wishes to put their passwords in plain text it could certainly be an > option, but not the default. This is not about plain-text versus encrypted passwords. KWallet takes care of the encryption. Comment #3 makes this clear: > It's fully "documented" in the source code, if you want you can easily parse it.
Git commit 52ae23a36b3e61e5a293de7c4ac517492e49c67f by Juraj Oravec. Committed on 28/01/2023 at 19:37. Pushed by jurajo into branch 'kwallet_map_rewrite'. KWallet: Store passwords entries in map fortmat FIXED-IN: 23.04.0 Signed-off-by: Juraj Oravec <jurajoravec@mailo.com> M +69 -39 src/plugins/KDEFrameworksIntegration/kwalletpasswordbackend.cpp https://invent.kde.org/network/falkon/commit/52ae23a36b3e61e5a293de7c4ac517492e49c67f
Git commit 6a258adc315f78f7bd2f25db25248865690ce27f by Juraj Oravec. Committed on 12/03/2023 at 22:00. Pushed by jurajo into branch 'master'. KWallet: Store passwords entries in map fortmat FIXED-IN: 23.04.0 Signed-off-by: Juraj Oravec <jurajoravec@mailo.com> M +69 -39 src/plugins/KDEFrameworksIntegration/kwalletpasswordbackend.cpp https://invent.kde.org/network/falkon/commit/6a258adc315f78f7bd2f25db25248865690ce27f
Git commit 261bef6d65d90ae6893e9a22a653355f3491e71c by Juraj Oravec. Committed on 12/03/2023 at 22:03. Pushed by jurajo into branch 'release/23.04'. KWallet: Store passwords entries in map fortmat FIXED-IN: 23.04.0 Signed-off-by: Juraj Oravec <jurajoravec@mailo.com> M +69 -39 src/plugins/KDEFrameworksIntegration/kwalletpasswordbackend.cpp https://invent.kde.org/network/falkon/commit/261bef6d65d90ae6893e9a22a653355f3491e71c