[kscreenlocker] [Bug 491550] New: Unmasked password should be made masked as soon as confirming

Sat, 10 Aug 2024 13:47:27 -0700 

https://bugs.kde.org/show_bug.cgi?id=491550

            Bug ID: 491550
           Summary: Unmasked password should be made masked as soon as
                    confirming
    Classification: Plasma
           Product: kscreenlocker
           Version: 6.1.4
          Platform: openSUSE
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: general
          Assignee: plasma-b...@kde.org
          Reporter: john....@pelago.org.uk
  Target Milestone: ---

SUMMARY
If you enter a password on the lock screen, then press the eye icon to make it
visible, then press Return or click the arrow, the password should be
immediately masked (i.e. turned into circles) before anything else. See
Additional Info for why.

STEPS TO REPRODUCE
1. Lock your screen
2. Type your password in
3. Press the eye button to make the password visible
4. Press Return

OBSERVED RESULT
The password is still visible for a short while (see Additional Info).

EXPECTED RESULT
The password is immediately masked.

SOFTWARE/OS VERSIONS
Operating System: openSUSE Tumbleweed 20240808
KDE Plasma Version: 6.1.4
KDE Frameworks Version: 6.4.0
Qt Version: 6.7.2
Kernel Version: 6.10.3-1-default (64-bit)
Graphics Platform: X11

ADDITIONAL INFORMATION
I have two use cases for this:

1, I was using an old laptop with not a lot of RAM, which spends a lot of time
swapping (I realise this is not optimal, but anyway). I typed in my password,
pressed the eye to check it (as I typed it wrong the first time), then pressed
Return. Because of the low performance/high swapping of the machine, the
correct password was left visible for three or four seconds while the PC was
churning away, before the screen unlocked.

2, Even on a fast performance machine, if you unmask the password and still
manage to type the password in incorrectly, the incorrect password is left
visible for about three seconds before it disappears, even though it is greyed
out immediately.

As I say, in my opinion, in both these cases the password should be masked
immediately you press Return/arrow (in the same way it's greyed out
immediately), before any further processing as to whether the password is
correct or not.

Presumably there are other situations, not just slow machines, that may cause
slow checking of passwords, such as when using LDAP on a slow network, where
again you would not want the password to continue to be visible for so long.
Thanks for reading!

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to