mar 31

Facelifting KWalletManager

Catégorie : KDEValentin

As I previously announced on G+, I started some ui refactoring of the KWalletManager tool from kdeutils. This triggered some very helpful comments and suggestions, discussed on the kde-core-devel mailing list. I now proudly announce that the code made it to the master branch, so next time you’ll compile kwallet you’ll get the new, face-lifted, KWalletManager!

Main features are:

  • Use only one main window, based on the KPageWidget
  • Search logic has been improved and now the first item that matches automatically get selected, to help reduce the click count
  • The wallet editor got a new tab that allow you see what applications are currently connected, manage these connections and the associated permissions

Many thanks to Aurélien Gateau for the new design sketches, Till Schäfer for some very helpful suggestions and all the others who discussed this on the mailing list.

Here are the screenshots:

kwalletmanager-walleteditor kwalletmanager-applications

 

Enjoy the new KWalletManager!

18 réponses à “Facelifting KWalletManager”

  1. Yury Kudryashov a dit :

    I think that while searching « Passwords (144) » should be replaced by « Passwords (#{number of matched items}) ».

  2. Valentin a dit :

    Good point! I just pushed a solution for this ;-)

  3. Some ordinary user a dit :

    There is a feature enhancement that had been posted in the kde forums long ago about storing access times inside the wallet entries. The reasoning behind this request makes sense: http://forum.kde.org/viewtopic.php?sid=e15d147683893d47676f0775ca3a41a6&t=98272&start=15
    It would be great if such user feedback could be considered when updating kdewallet…
    ;-)

  4. Mark a dit :

    Nice, very nice. Kwallet at the moment is very outdated. Will it be possible to directly see the content, without having to click « activate content »?
    I also have some further suggestions:
    - It would be nice if it would be possible to move entries. Chrome seems to create a new application entry for every build, so that one can not access the passwords of an older version. If it would be posssible to move passwords, that would be great.
    - It would be cool, if there was also a KWallet plasmoid, which would make more sense than application.

  5. Valentin a dit :

    @ »Some ordinary user » – well, actually the lack of timestamp got me in business with kwallet, when I wanted a sync tool between several computers. This will come with ksecretsservice. Stay tuned.

    @Mark:
    thanks! The « activate content » button may be useful for some users, that’s way I choose not to drop it.
    chrome – I think that’s already possible, by doing drag and drop withing the tree list; however, I see that doing this with this new version leads to a crash – but I’ll fix it asap
    - plasmoid – already planned, however any help with that would be welcome :-)

  6. Mark a dit :

    Re:Valentin: Will it be possible to choose if « activate content » is needed or not?

  7. Valentin a dit :

    @Mark: ok, I added a menu underneath the « show contents » and « hide contents » buttons. Long pressing these buttons will show this menu, letting you check or uncheck and « always show contents » setting. This setting is persisted into the rc file so you’ll get it back when restarting kwalletmanager.

  8. Redm a dit :

    Cool you that you work on it. Looks a bit outdated and « technical » currently, more like a developer tool.

    A wish: I use kwallet also to manually store things like passwords from other systems, rarely used PINs or such. It would be cool if there were a more user friendly way to add manual content. Currently it’s pretty « technical » and hidden between the « automatic » entries.

    So perhaps a separate page, to add and view simple key value pairs. And categories to group entires.

  9. Plaristote a dit :

    I’ve been waiting for this since 4.0.
    I’m quite glad to see this happening ! KWallet is such a killer feature !

  10. Valentin a dit :

    @Redm: thanks for the feedback. Could you please file a « whish »-type bug on bugs.kde.org, choosing kwalletmanager component and assign that to me? A detailed description will be very appreciated.

    @Plaristote: Thanks! Yeah, kwallet is kool :-)

  11. Richard Larson a dit :

    Cool. Now it would be nice to allow it to use the currently logged in user’s password, like Gnome Keyring does, so we don’t have to be punished with a password prompt when using kwallet.

    Like many other users, I enter a blank password to keep it from hounding me for a password all the time. The way it works makes no sense and renders it unusable for most folks. Consider these typical use cases:

    - User on desktop computer probably does not need to have a different pw from his regular user pw. Ends up entering empty string for password, which is less secure.

    - User on laptop *might* want to use a different password in case their computer is stolen, but then the computer would have to be suspended or on when being stolen. If kwallet is already open, any perceived security when its stolen is meaningless.

    - User plays by kwallet’s rules and enters a different password. After logging in, is prompted to enter password so enters it. Kwallet is open, and stays open. Bad guy comes along while user is away from computer, with kwallet open – Thereby rendering kwallet completely useless ANYWAY.

    So all in all kwallet pretty much pointless. If you’re going to have pw management, why not just give the user the option to use the same password as the user password, like Gnome Keyring does. It’s not perfect, but I bet it a heck of a lot more secure then everyone just using «  » to avoid the annoying password prompt.

  12. Valentin a dit :

    Using unix session unlocking is a feature I plan to implement, as I’m also annoyed by the suplemental password prompt. However, if you think twice, using unix password, the ‘bad guy’ has no problem looking to your passwords if you forget to lock the session when temporarily leaving. In fact, kwallet’s password is there only to protect the file on disk. It’s contents is encrypted with your password so it can’t be read by anyone with access to your home dir.

  13. Aurélien Gâteau a dit :

    Great work! Nice to see this becoming reality!

  14. Valentin a dit :

    @aurélien and @all: thanks a lot for your comments and for encouraging! That’s great!

  15. Sinma a dit :

    Great work! Only one question, why separate applications currently connected to KWallet and those which have the authorization to access KWallet? I think you can just put all the applications in one list (more readable and no duplicate), and have an indicator to tell us if the application is connected with a temporary right, connected with a permanent right, or not connected to KWallet.

  16. Valentin a dit :

    Well, that’s not a bad idea. Thanks.

  17. Till Schäfer a dit :

    Found your blog late, but here are my THX for making kwalletmanager actually usable!

  18. Valentin a dit :

    You’re welcome!

Laisser une réponse