Facelifting KWalletManager

Posté le 31 mars 2013 @ 05:32 par Valentin

As I previously announced on G+, I started some ui refactoring of the KWalletManager tool from kdeutils. This triggered some very helpful comments and suggestions, discussed on the kde-core-devel mailing list. I now proudly announce that the code made it to the master branch, so next time you’ll compile kwallet you’ll get the new, face-lifted, KWalletManager!

Main features are:

  • Use only one main window, based on the KPageWidget
  • Search logic has been improved and now the first item that matches automatically get selected, to help reduce the click count
  • The wallet editor got a new tab that allow you see what applications are currently connected, manage these connections and the associated permissions

Many thanks to Aurélien Gateau for the new design sketches, Till Schäfer for some very helpful suggestions and all the others who discussed this on the mailing list.

Here are the screenshots:

kwalletmanager-walleteditor kwalletmanager-applications

 

Enjoy the new KWalletManager!

18 Commentaires

  1. Yury Kudryashov
    31 mars 2013 à 18:38

    I think that while searching « Passwords (144) » should be replaced by « Passwords (#{number of matched items}) ».

  2. Valentin
    31 mars 2013 à 19:18

    Good point! I just pushed a solution for this ;-)

  3. Some ordinary user
    31 mars 2013 à 19:20

    There is a feature enhancement that had been posted in the kde forums long ago about storing access times inside the wallet entries. The reasoning behind this request makes sense: http://forum.kde.org/viewtopic.php?sid=e15d147683893d47676f0775ca3a41a6&t=98272&start=15
    It would be great if such user feedback could be considered when updating kdewallet…
    ;-)

  4. Mark
    31 mars 2013 à 19:34

    Nice, very nice. Kwallet at the moment is very outdated. Will it be possible to directly see the content, without having to click « activate content »?
    I also have some further suggestions:
    - It would be nice if it would be possible to move entries. Chrome seems to create a new application entry for every build, so that one can not access the passwords of an older version. If it would be posssible to move passwords, that would be great.
    - It would be cool, if there was also a KWallet plasmoid, which would make more sense than application.

  5. Valentin
    31 mars 2013 à 20:40

    @ »Some ordinary user » – well, actually the lack of timestamp got me in business with kwallet, when I wanted a sync tool between several computers. This will come with ksecretsservice. Stay tuned.

    @Mark:
    thanks! The « activate content » button may be useful for some users, that’s way I choose not to drop it.
    chrome – I think that’s already possible, by doing drag and drop withing the tree list; however, I see that doing this with this new version leads to a crash – but I’ll fix it asap
    - plasmoid – already planned, however any help with that would be welcome :-)

  6. Mark
    31 mars 2013 à 21:20

    Re:Valentin: Will it be possible to choose if « activate content » is needed or not?

  7. Valentin
    31 mars 2013 à 23:39

    @Mark: ok, I added a menu underneath the « show contents » and « hide contents » buttons. Long pressing these buttons will show this menu, letting you check or uncheck and « always show contents » setting. This setting is persisted into the rc file so you’ll get it back when restarting kwalletmanager.

  8. Redm
    1 avril 2013 à 10:57

    Cool you that you work on it. Looks a bit outdated and « technical » currently, more like a developer tool.

    A wish: I use kwallet also to manually store things like passwords from other systems, rarely used PINs or such. It would be cool if there were a more user friendly way to add manual content. Currently it’s pretty « technical » and hidden between the « automatic » entries.

    So perhaps a separate page, to add and view simple key value pairs. And categories to group entires.

  9. Plaristote
    1 avril 2013 à 12:05

    I’ve been waiting for this since 4.0.
    I’m quite glad to see this happening ! KWallet is such a killer feature !

  10. Valentin
    1 avril 2013 à 13:10

    @Redm: thanks for the feedback. Could you please file a « whish »-type bug on bugs.kde.org, choosing kwalletmanager component and assign that to me? A detailed description will be very appreciated.

    @Plaristote: Thanks! Yeah, kwallet is kool :-)

  11. Richard Larson
    2 avril 2013 à 03:56

    Cool. Now it would be nice to allow it to use the currently logged in user’s password, like Gnome Keyring does, so we don’t have to be punished with a password prompt when using kwallet.

    Like many other users, I enter a blank password to keep it from hounding me for a password all the time. The way it works makes no sense and renders it unusable for most folks. Consider these typical use cases:

    - User on desktop computer probably does not need to have a different pw from his regular user pw. Ends up entering empty string for password, which is less secure.

    - User on laptop *might* want to use a different password in case their computer is stolen, but then the computer would have to be suspended or on when being stolen. If kwallet is already open, any perceived security when its stolen is meaningless.

    - User plays by kwallet’s rules and enters a different password. After logging in, is prompted to enter password so enters it. Kwallet is open, and stays open. Bad guy comes along while user is away from computer, with kwallet open – Thereby rendering kwallet completely useless ANYWAY.

    So all in all kwallet pretty much pointless. If you’re going to have pw management, why not just give the user the option to use the same password as the user password, like Gnome Keyring does. It’s not perfect, but I bet it a heck of a lot more secure then everyone just using «  » to avoid the annoying password prompt.

  12. Valentin
    2 avril 2013 à 07:16

    Using unix session unlocking is a feature I plan to implement, as I’m also annoyed by the suplemental password prompt. However, if you think twice, using unix password, the ‘bad guy’ has no problem looking to your passwords if you forget to lock the session when temporarily leaving. In fact, kwallet’s password is there only to protect the file on disk. It’s contents is encrypted with your password so it can’t be read by anyone with access to your home dir.

  13. Aurélien Gâteau
    2 avril 2013 à 16:37

    Great work! Nice to see this becoming reality!

  14. Valentin
    2 avril 2013 à 17:16

    @aurélien and @all: thanks a lot for your comments and for encouraging! That’s great!

  15. Sinma
    8 juin 2013 à 18:36

    Great work! Only one question, why separate applications currently connected to KWallet and those which have the authorization to access KWallet? I think you can just put all the applications in one list (more readable and no duplicate), and have an indicator to tell us if the application is connected with a temporary right, connected with a permanent right, or not connected to KWallet.

  16. Valentin
    8 juin 2013 à 20:40

    Well, that’s not a bad idea. Thanks.

  17. Till Schäfer
    11 septembre 2013 à 14:41

    Found your blog late, but here are my THX for making kwalletmanager actually usable!

  18. Valentin
    11 septembre 2013 à 15:08

    You’re welcome!

Laisser un commentaire

Connexion OpenID

Connexion Standard

Options:

Taille

Couleurs