489409 – "Remember password" checkbox state isn't configurable

Bug 489409 - "Remember password" checkbox state isn't configurable

Summary: "Remember password" checkbox state isn't configurable

Status:	CONFIRMED

Alias:	None

Product:	dolphin
Classification:	Applications
Component:	general (other bugs)
Version First Reported In:	24.05.1
Platform:	Other Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Dolphin Bug Assignee

URL:
Keywords:

Depends on:
Blocks:

Reported:	2024-06-28 22:41 UTC by Ellie
Modified:	2025-09-14 01:26 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Ellie 2024-06-28 22:41:22 UTC

SUMMARY

The "Remember password" checkbox state when mounting any encrypted device should perhaps either reflect last used state, or be configurable, for security reasons. It can be unsafe in some environments to remember the password for removable encrypted devices, so this prompt showing up and then always having "Remember password" pre-checked with no way of stopping that can be a risk when handling such removable devices a lot. Sadly, neither does this checkbox seem to reflect what I last used nor can I find anything in the dolphin options to change it not to be checked by default as to avoid accidentally using it.

Is there a way to disable this mechanism entirely? Maybe if I uninstall KDE Wallet for now?

STEPS TO REPRODUCE

1.  Access encrypted removable device in Dolphin
2. "Password" dialog pops up, "Remember password" is pre-checked

OBSERVED RESULT

I can't find a way for not making "Remember password" pre-checked every time.

EXPECTED RESULT

There's a way to disable this default state. E.g. if it remembered what I last used, that would already be enough since then I just need to be careful the first time and then it'll be fixed for follow-up uses.

SOFTWARE/OS VERSIONS

Windows: 
macOS: 
Linux/KDE Plasma: openSUSE Slowroll
(available in About System)
KDE Plasma Version: 6.0.5
KDE Frameworks Version: 
Qt Version: 

ADDITIONAL INFORMATION

Comment 1 Russ Holmes 2024-12-03 17:58:46 UTC

I can confirm this irritating bug. When the 'Remember password' checkbox is set when mounting an encrypted removable device, it remains set by default every time the device is mounted. Hence, if the user wants to clear the password so that it is not stored locally, they have to remember to clear the checkbox every time the device is mounted in future otherwise the password gets stored.

This seems to arise out of the interaction between Dolphin and KWallet.

The only way that I have found to get the checkbox to open unset is by going into KWalletManager and deleting the whole SolidLuks2 folder - deleting an individual password is not enough. Of course, this will clear *all* removable device passwords that it is storing.

Comment 2 Ellie 2025-09-14 01:26:24 UTC

I just accidentally saved a pretty critical FDE password in my kwallet due to this horrible default.

Since on many systems and storage types saving something means it cannot be permanently scrubbed anymore, I would like to suggest this is a security bug and warrants higher priority fixing.