https://bugs.kde.org/show_bug.cgi?id=384051
--- Comment #9 from Moritz Bunkus <kde@bunkus.online> ---
Thanks for the insight. Like I said, I totally understand if this particular
failure type isn't observable to kmymoney.
If I understand you & comment #3 correctly, kmymoney does have enough control
to tell the rest of the stack to forget any cached passphrase. So it would be
in kmymoney's power to give the user some control over this situation. I
suggest to add one of the following:
1. An option in the settings to always clear cached passphrases if fetching the
account failed, off by default.
2. A menu entry in the "Tools" menu called something like "Forget cached
passphrases", which the user could use.
3. If updating an account fails, show a message box asking explaining the
problem ("This might be due to a wrong passphrase or PIN.") & offering to clear
the cached passphrase/PIN & try again; ideally with a checkbox to never show
this type of question again.
4. Make passphrase/PIN caching completely optional via the settings.
I agree that this is fundamentally a thing inside aqbanking/its libraries, but
from the PoV of a user, I'm not interacting with aqbanking at that moment. I'm
using kmymoney. To the user it is totally unclear that
1. password caching is happening in the background,
2. restarting the application causes cached passwords to be forgotten,
3. waiting 60 seconds causes cached passwords to be forgotten (I found this out
by reading this bug),
4. it isn't actually kmymoney that's caching the passphrase.
All of that (save for 1., I guess) will cause the user to spend a lot of time
going through all options, all menus, dialogs etc., in order to find a way to
recover. They'll most likely end up with the "restart application" way, 'cause
"have you tried turning it off & on again" is so ingrained in general user
troubleshooting. Doesn't make it good design, though.
Of course the ideal solution is to being able to auto-detect when clearing is
necessary. My proposals above are only useful if that isn't possible due to API
limitations.
--
You are receiving this mail because:
You are the assignee for the bug.
