The Blog is Hot

KWallet is annoying

Posted in kde, opensuse by mschlander on 01/08/2012

This is another post in the common complaints about kde category.

People often complain about KWallet prompting them for the password (too often). So here’s the simplest solution to this:  Simply use an empty password for KWallet, and KWallet will never prompt you for the password again.

Change KWallet Password

If you have already set up KWallet with a non-empty password, here’s how to change it:

1) Run ‘kwalletmanager’ and click on the KWallet icon in the systray – the icon might be hidden so you’ll need to click the little arrow in the systray to show hidden systray icons.

2) Right click on your wallet in the kwalletmanager window and select Change Password

3) Enter an empty password, simply by clicking OK without entering anything.

About these ads

5 comments

5 Responses

Subscribe to comments with RSS.

  1. unix0 said, on 01/08/2012 at 20:02

    2 thoughts:

    1. This post should come with an explanation as to what happens to encryption when no password is set for a wallet. Is wallet no longer encrypted at that point?

    2. Personally I’ve never been bothered by this issue because I always keep an app open that uses it. Alternatively, you could uncheck the checkbox “close when last application stops using it” so it stays open, and you only have to open it once upon login.

    Reply
    • mschlander said, on 02/08/2012 at 7:24

      Good points.

      1. The passwords will still be kept encrypted in KWallet, and you will still need to allow applications to have access to KWallet – the only difference is that you won’t be prompted for the password to open KWallet. So there is a small reduction of security, but it’s still better than keeping all the passwords for everything in plaintext on the file system.

      2. Right. Setting this option in the KWallet settings is another way to make KWallet less “obtrusive”, but I didn’t want to confuse people with a lot of details or different options. And even providing the KWallet password once per session is too much for some people.

      Reply
      • Kreinoee said, on 09/08/2012 at 19:19

        What is used as key for the encryption in this case, the users log in password?

      • mschlander said, on 10/08/2012 at 7:29

        I’m afraid I don’t know enough about the KWallet internals to answer that. But I would guess just the empty password is somehow used, leading to very weak encryption – or maybe they’re actually not encrypted at all and just stored unencrypted in the binary .kwl file. Either way it’s still better than plaintext.

        This post is aimed at users who value convenience over security, and who would happily store all their passwords in plaintext if they could, anyway.

  2. Bosstiger said, on 07/09/2012 at 11:39

    Reblogged this on Gigable – Tech Blog.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: