445841 – Allow changing password

Bug 445841 - Allow changing password

Summary: Allow changing password

Status:	CONFIRMED

Alias:	None

Product:	plasmashell
Classification:	Plasma
Component:	Vaults widget (show other bugs)
Version:	6.0.0
Platform:	openSUSE Linux

Importance:	NOR wishlist
Target Milestone:	1.0
Assignee:	Ivan Čukić

URL:
Keywords:	usability

Depends on:
Blocks:

Reported:	2021-11-20 22:28 UTC by Loren Burkholder
Modified:	2024-12-18 05:42 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Loren Burkholder 2021-11-20 22:28:26 UTC

SUMMARY
There doesn't seem to be any way to change the password on a vault. Could this functionality be added?

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: openSUSE Tumbleweed
(available in About System)
KDE Plasma Version: 5.23.2
KDE Frameworks Version: 5.87.0
Qt Version: 5.15.2

Comment 1 Ivan Čukić 2024-12-18 05:42:30 UTC

It could be done for some backends, but not all support password changing. For example, cryfs doesn't seem to support it.

What is important to note is that changing the password (in general) doesn't re-encrypt the data, so if an attacker has your old encfs/cryfs/... config file and the old password, it is likely that they would be able to access newly encrypted data as well. (didn't test this with the Vault-supported encryption schemes, but this is often the case).

If Vaults get this feature, it will need a wall-of-text explaining what changing the password doe not defend against.

For the time being, and a better practice in general is to create a new vault, move the data, delete the old vault.