SUMMARY `plasmalogin` blatantly leaks the typed password to TTY1. STEPS TO REPRODUCE 1. Enable plasmalogin 2. Reboot and log in 3. Switch to tty1 OBSERVED RESULT Terminal login is running on tty1, and my password that I typed in the plasmalogin greeter is openly visible on tty1 as if typed on the username prompt, as shown (pixelated) on the attached screenshot. EXPECTED RESULT No password leakage. SOFTWARE/OS VERSIONS Operating System: Arch Linux KDE Plasma Version: 6.5.4 KDE Frameworks Version: 6.21.0 Qt Version: 6.11.0 Kernel Version: 6.18.4-arch1-1 (64-bit) Graphics Platform: Wayland Processors: 12 × Intel® Core™ i7-8700 CPU @ 3.20GHz Memory: 32 GiB of RAM (31.3 GiB usable) Graphics Processor: NVIDIA GeForce GTX 960 ADDITIONAL INFORMATION This has been consistently reproducible for a while, and I've been retrying monthly to see if this issue was fixed, understanding that plasmalogin was still in beta. Now that it is about to land in Plasma 6.6, it's probably the right time to raise alarm about this.
Created attachment 188366 [details] Password leaked to TTY1
This doesn't happen on my Arch Linux install. Is this using the AUR package? After login, TTY1 shows the systemd bootup and TTY2 shows the login session. There is never any console login prompt.
(In reply to Oliver Beard from comment #2) > This doesn't happen on my Arch Linux install. Is this using the AUR package? > After login, TTY1 shows the systemd bootup and TTY2 shows the login session. > There is never any console login prompt. AUR package `plasma-login-manager-git`. I might have done some TTY/console tweaking in the past and I may have things running on TTY1 that doesn't run there in a stock Arch. But this probably only surfaces the issue rather than causes it. With SDDM, TTY1 has black screen with mouse pointer, TTY2 has console login (no password leaking there), and TTY3 runs the Plasma session. With plasmalogin, TTY1 has what the screenshot shows, TTY2 has whatever desktop session plasmalogin starts, and TTY3 has console login prompt. I vibecoded a script that gathers some diagnostics and ran it both in a SDDM session and in a plasmalogin session. Attaching the diagnostics. In any case, I believe a proper greeter should prevent keyboard input from spilling over.
Created attachment 188369 [details] Diagnostics captured in plasmalogin session
Created attachment 188370 [details] Diagnostics captured in SDDM session, for reference
Can you try this branch: work/d_ed/tty
(In reply to David Edmundson from comment #6) > Can you try this branch: > work/d_ed/tty Greeter doesn't show. Attaching plasmalogin status captured after console login.
Created attachment 188391 [details] systemctl status plasmalogin Built from commit 681b65b4ddc8f820a0e2d3a13a27b9fc112fbe88
A possibly relevant merge request was started @ https://invent.kde.org/plasma/plasma-login-manager/-/merge_requests/56
Git commit 99ded959c822c39819c15d60bcec67f2e4129673 by Neal Gompa, on behalf of David Edmundson. Committed on 11/01/2026 at 22:17. Pushed by ngompa into branch 'master'. usersession: Always load the relevant VT The old code had a relic path for when SDDM used to start the X11 server. This is no longer relevant and the checks missed handling a wayland greeter. M +33 -40 src/helper/UserSession.cpp https://invent.kde.org/plasma/plasma-login-manager/-/commit/99ded959c822c39819c15d60bcec67f2e4129673
(In reply to Neal Gompa from comment #10) > Git commit 99ded959c822c39819c15d60bcec67f2e4129673 by Neal Gompa, on behalf > of David Edmundson. > Committed on 11/01/2026 at 22:17. > Pushed by ngompa into branch 'master'. > > usersession: Always load the relevant VT > > The old code had a relic path for when SDDM used to start the X11 > server. This is no longer relevant and the checks missed handling a > wayland greeter. > > M +33 -40 src/helper/UserSession.cpp > > https://invent.kde.org/plasma/plasma-login-manager/-/commit/ > 99ded959c822c39819c15d60bcec67f2e4129673 Is this the same as the current 5.5.90 beta with respect to these code paths? This now can't log me in at all. Greeter shows, but no pointer, no reaction to input, and crashes/exits all by itself after a while. ``` -- Boot 95794f7536104141b334809576cd759b -- Jan 14 14:20:40 berbelek plasmalogin[1076]: Initializing... Jan 14 14:20:40 berbelek plasmalogin[1076]: Starting... Jan 14 14:20:40 berbelek plasmalogin[1076]: Logind interface found Jan 14 14:20:40 berbelek plasmalogin[1076]: Adding new display... Jan 14 14:20:40 berbelek plasmalogin[1076]: Using VT 1 Jan 14 14:20:40 berbelek plasmalogin[1076]: Display server started. Jan 14 14:20:40 berbelek plasmalogin[1076]: Socket server starting... Jan 14 14:20:40 berbelek plasmalogin[1076]: Socket server started. Jan 14 14:20:40 berbelek plasmalogin[1076]: Greeter starting... Jan 14 14:20:41 berbelek plasmalogin[1076]: Greeter session started successfully Jan 14 14:20:42 berbelek plasmalogin[1076]: Message received from greeter: Connect Jan 14 14:20:44 berbelek plasmalogin[1076]: Auth: plasmalogin-helper exited with 1 Jan 14 14:20:44 berbelek plasmalogin[1076]: Greeter stopped. PLASMALOGIN::Auth::HELPER_AUTH_ERROR Jan 14 14:25:37 berbelek plasmalogin[1076]: Signal received: SIGTERM Jan 14 14:25:37 berbelek plasmalogin[1076]: Socket server stopping... Jan 14 14:25:37 berbelek plasmalogin[1076]: Socket server stopped. ```