On Thu, 2013-10-10 at 10:28 -0500, Michael Catanzaro wrote:
I missed the distinction between login tasks (wireless networks, Telepathy accounts) and non-login tasks (web/email passwords) that Sam Bull has pointed out. So maybe non-login-related passwords could still be protected by default.
Something I've been thinking about, is if we used 2 keyrings by default,
one unprotected and one protected. Then in the password dialog, we could
have a radio button like:
x Don't store this password
Store this password for later:
x Unprotected (or 'Unlocked at login')
x Using my master password
Or some wording along those lines. The unprotected one is the login
keyring, which is technically still protected if you login, but has no
protection if you autologin.
Then the master password one is a second keyring with a separate
password. This can then still be used by regular login users as a way of
adding an extra layer of security.
I'd be interested in working on this, but I don't have the time to spare
at the moment.
Attachment:
signature.asc
Description: This is a digitally signed message part